Setting up external security for the JESSPOOL with   Roscoe.

Release: 6.0

Component: ROSCOE

JES

To activate external security for the JES SPOOL with  Roscoe, the following parameters need to be set, at a minimum, in the Roscoe startup parameters:

ACFEXT=YES

JOBEXT=YES

EXTSEC= (Specify the name of your security package)

ATTACH JOB SECURITY

Control is available for individual access to files on JES SPOOL. When a user attaches a job through the Attach Job Facility (AJOB command), a call is made to the external security system with a resource class of JESSPOOL. The use of the OUTEXIT to control the files a user can view is no longer necessary as it was in earlier versions of Roscoe.

PURGE JOB SECURITY

RO77806 should be applied. This is the latest version of the Purge monitor. This PURGE Monitor routine will retrieve information about the job to be deleted and issue a security check, using a resource class of JESSPOOL and a 6-part resource name in the format

localnode.userid.jobname.jobid.*.OUTPUT

requesting control authority. When the security check is successful, the PURGE command will be allowed to execute normally. If the security check fails, the PURGE command will receive a security error PUR18 PURGE FAILED DUE TO INSUFFICIENT AUTHORITY, and the job will not be purged.

When RO60831 is applied, security calls are done for PURGE requests as well as AJOB when JOBEXT=YES is specified. However, this requires that JESSPOOL is properly defined to the security system also. RO60831 is an apar above the 0612 genlevel.

10/23 - removed sensitive data - removed hyperlinks to PTFs they did not work (RPJ)