1. Mainframe Adapter for TCP Gateway User's Guide
  2. Setting Up Security for Oracle TMA TCP Gateway
  3. Security Checking from Tuxedo to Mainframe

4.1 Security Checking from Tuxedo to Mainframe

The following figure illustrates the process flow for security verifications from TMA TCP Gateway to a mainframe.

Figure 4-1 Security Checking for Tuxedo to Mainframe Transactions


Security Checking for Tuxedo to Mainframe Transactions

  1. When the client program performs a tpinit(), the user’s Tuxedo identity is validated against the tpusr file.
  2. When the client program issues a tpcall() or tpacall(), Tuxedo verifies (against the tpacl file) that the user is authorized to invoke the gateway service.
  3. When the gateway establishes the initial connection, connection security information (specified as RMTNAME and PASSWORD in the GWICONFIG file) is passed from the TMA TCP Gateway to the remote gateway. If the RMTNAME and PASSWORD values match the values configured on the remote gateway, the connection is established.

    With each request, the TMA TCP Gateway passes the user’s Tuxedo identity to the remote gateway.

    Note:

    To pass authority checking, the user’s Tuxedo identity must match the mainframe user ID exactly.
  4. The remote mainframe gateway initiates a proxy to act on behalf of the specified user ID.
  5. The proxy calls the specified service using system security to check authorization.

Parent topic: Setting Up Security for Oracle TMA TCP Gateway