Manualshelf

TS/MP Supplement for Limits Relief (G06.26+)

ManualsBrandsHP ManualsServerHP NonStop G-Series
21222324252627282930
link-management to obtain a server link from the process broker. After it verifies that the requester has
the authority to perform a send operation to the specified server class, the redirector process performs the
send operation.
ACS Subsystem Product Module (ACSPM)
The product module provides part of the ACS subsystem interface to the Subsystem Control Facility,
shown in Figure 7-1 in Chapter 7. The program file for the ACSPM is installed in
$SYSTEM.SYSTEM.ZACLSCF.
ACS Domains
An ACS domain is a defined set of objects (resources) within a single physical NonStop system that are
controlled and managed as a unit by the ACS subsystem.
The ACS subsystem and its resources are managed and controlled using the Subsystem Control Facility
(SCF), as shown in Figure 7-1 in Chapter 7. You also use SCF commands to manage the ACS subsystem
configuration. For detailed information on SCF and SCF commands, see Chapter 7, SCF Command
Reference for the ACS Subsystem.
Security
ACS Subsystem-Specific Security Features
There are no changes to the TS/MP 2.0 security features. The ACS subsystem provides the following
security features:
Client access authentication to server processes. For Pathsend servers, the ACS subsystem
provides access authentication for each request. When a request is submitted to a server process,
the redirector process authenticates the client ID by checking the ID against the security attribute
for the server class. Then it forwards the authenticated requests to the server process.
Note: Client authentication is only performed for Pathsend servers.
Environment configuration and operation method authentication. The PATHCOM
SECURITY and OWNER attribute values provide basic access protection for server classes. These
attributes determine which operations users can perform on an object within the application
environment, for example, performing an operation on a server class or sending information to the
process associated with a server class.
Note: The SECURITY attribute is only enforced for Pathsend requesters; security for
SCOBOL requesters is enforced differently. Therefore, you cannot use shared servers
that process both Pathsend and SCOBOL requesters in a common security model.
Sensitive and Nonsensitive SCF Commands
SCF commands that change the state or configuration of SCF objects are called sensitive commands.
These commands can be executed only by super-ID users.
See Chapter 7, SCF Command Reference for the ACS Subsystem for detailed information on the SCF