SAF Realm on a Z/OS with TSS.

Issues and Questions related to running Apache Tomcat on z/OS
Post Reply
joulin
Posts: 3
Joined: Sat May 03, 2014 2:43 am

SAF Realm on a Z/OS with TSS.

Post by joulin » Mon May 05, 2014 8:05 am

Hi,
I don't have access to support to add an information when you want to implement SAF Realm on a Z/OS with TSS.
I post this information in case someone can update documentation on how to activate SAF on Z/OS.

The problem is : when manager EJBROLE is active, if you enter a wrong password on manager URL for Tomcat, you will be prompted to enter a password at the Z/OS console. The user on the Internet browser are blocked until the good password is entered on the Z/OS Console.

To avoid this reply you have to create a MASTERFAC TOMCAT and to ADD Tomcat user to this MASTERFAC and permit users to the TOMCAT FACILITY.

Here are TSS definitions :
FACILITY(USER131=NAME=TOMCAT)
FACILITY(TOMCAT=MULTIUSER,SIGN(M))

TSS ADD(TOMCAT) MASTFAC(TOMCAT)
TSS ADD(TOMCAT) FAC(STC,TOMCAT)
TSS ADD(myuser) FAC(TOMCAT)

Regards

Post Reply