These Release Notes apply to Adabas SAF Security version 7.4.2. Read this document carefully before installing and using this version of Adabas SAF Security.
Adabas SAF Security (ADASAF) provides protection of Adabas resources using standard security packages based on the System Authorization Facility (SAF). These security packages include RACF, Computer Associates' Top Secret, and ACF2 in the following operating system environments:
OS/390 version 2, release 10
z/OS version 1, releases 1-4
z/OS.e, releases 3-4. Support for z/OS.e is currently restricted to client programs executing in batch, or under TSO or Com-plete.
|
|
Prerequisites | Adabas SAF Security Version 7.4.2 Prerequisites. |
|
|
Enhancements | Adabas SAF Security Version 7.4.2 Enhancements |
|
|
Online Documentation | Adabas SAF Security Version 7.4.2 Online Documentation |
Adabas SAF Security version 7.4.2 can be used to protect Adabas version 7.1.3 and above. It requires the prior installation of
Adabas version 7.1.3 (or above), or Adabas Cluster Services version 7.2.1 (or above), or Adabas Parallel Services 7.4.2 (or above)
Note:
If you are planning to use Adabas SAF Security version 7.4 with Adabas
version 7.1.3 databases, see the instructions in the Adabas System
Coordinator version 7.4 documentation.
Note:
The minimum required level of Adabas version 7.4 is version
7.4.2.
Adabas System Coordinator version 7.4.2 (or above)
Adabas Limited Libraries (WAL) version 7.4.2 (or above)
Natural version 3.1 (or above) is required by the Online Services application SYSAAF
Adabas SAF Security version 7.4 requires the Adabas System Coordinator version 7.4. ADASAF needs only the database component (ADAPOP), unless you wish to use ADASAF's Online Services in a cluster environment. In this case, if you do not already know which cluster instance you want information from, you need a System Coordinator daemon to establish which instances are active. For more information, refer to the Adabas System Coordinator documentation and Adabas SAF Security Installation.
The security kernel used by ADASAF (AAFNUC in version 7.1 and AAFKRN in version 7.3) has been superseded by a SAF security kernel shared by ADASAF and other Software AG SAF security products. The SAF security kernel and its associated objects are provided on the Adabas Limited Load library (WAL), starting with version 7.4.2. There are corresponding WAL source and job libraries.
Objects that were formerly supplied with ADASAF and are now supplied with WAL are shown in the following table:
| Old (ADASAF) Name | New (WAL) Name | Library | Function |
|---|---|---|---|
| AAFNUC (7.1) / AAFKRN (7.3) | SAFKRN | Load | SAF kernel |
| NA2PPRM (7.1) / AAFCFG (7.3) | SAFCFG | Source/Load | Configuration options |
| NA2PSEC (7.1) / AAFPSEC (7.3) | SAFPSEC | Source/Load | RACROUTE macros |
| NA2POS / NA2PMAC | SAFPOS / SAFPMAC | Source/Load | Operating system services |
| SVCLIST | SVCLIST | Load | List active Adabas SVCs |
| SVCSAF | SVCSAF | Load | Router security extensions |
| SAGI040 | SAFI010 | Jobs | Assemble SAFCFG |
| SAGI070 | SAFI020 | Jobs | Assemble SAFPSEC |
| SAGI080 | SAFI021 | Jobs | Assemble SAFPMAC |
| All source members with names beginning NA2M | Unchanged | Source | Macros used in Assemblies |
The Online Services application, SYSAAF, for Adabas SAF Security version 7.4.2 is distributed in two forms:
a demo version distributed with Adabas version 7.4, and
a fully operable version distributed with Adabas SAF Security version 7.4.2.
In previous versions of Adabas SAF Security there was a requirement to first install the demo version prior to installing the fully operable version. This is no longer the case.
A fully operable system will be available immediately on installing the Natural INPL objects and ERRN error messages supplied on the Adabas SAF Security version 7.4.2 release tape.
Note:
If you install the demo version distributed on the Adabas release
tape after installing the fully operable version, then you must reapply the
fully operable version from the Adabas SAF Security release tape along with any
subsequently applied INPL updates.
ADASAF version 7.4.2 incorporates all fixes to previous versions and provides the following enhancements:
Enhanced cross-level checking
Compatibility with Adabas Basic Services 7.4.1
Enhanced mechanisms for provision of passwords and cipher codes
Dynamic activation or deactivation of security tracing
New configuration options
Adabas SAF Security provides a cross-level checking capability which ensures that a user can only access and update Adabas files if the job in which that user is executing also has the necessary security access to those Adabas files. With version 7.4, this capability has been extended so that it is possible to allow some users to access Adabas files from a certain job and prevent others (even though the prevented users may be allowed access to the data from other jobs).
Adabas SAF Security version 7.4 may be used to protect new features introduced in Adabas Basic Services version 7.4.
A new user exit has been introduced with version 7.4 which is called by Adabas SAF Security during nucleus initialisation. This new user exit may be used to provide passwords and cipher codes.
Adabas SAF Security can be configured to write a trace message for every security violation or for every successful security check or for all security checks. A new operator command can be used to switch tracing on or off dynamically:
AAF TRACE={0|1|2|3}
There are several new configuration parameters:
| NOTOKEN | Allows calls from unsecured clients. This option should only be used when absolutely necessary during a phased implementation of Adabas SAF Security. |
|---|---|
| SAFPRINT | Causes Adabas SAF Security to write security trace messages to a special dataset rather than to the nucleus's DDPRINT. |
| WTOCASE | By default, all AAF prefix messages are now written in mixed case. However, you may use this option to force them to be upper case if compatibility with previous versions is required. |
The Adabas SAF Security version 7.4.2 documentation is provided in HTML format for electronic distribution on CD-ROM and via ServLine24. The documentation has been structured for optimal online access including extensive use of hyperlinks to related topics. In addition, full text search and indexing features are available. All documents are also available as PDF files for selective printing at a user site.
The Online Documentation Main Menu provides an overview of the AAF documentation.
The following related documentation is available on the Adabas Version 7.4.2 documentation CD:
SAF Security Kernel