This section only applies to Natural Security on mainframe computers, and the functionality described only applies as of Version 8.2.3.
This section covers the following topics:
A Natural Web I/O Interface server has to be defined in Natural Security only if this server is to use an Integrated Authentication Framework (IAF) server for token validation.
For information about Natural Web I/O Interface servers, see the Natural Web I/O Interface documentation. For information about IAF, see Introduction to the Integrated Authentication Framework in the EntireX Communicator documentation.
If Integrated Authentication Framework (IAF) is installed, a Natural Web I/O Interface server can use an IAF server for token validation.
An IAF server which to be used has to be defined to Natural Security, that is, a security profile has to be created for it, as described under Creating and Maintaining Security Profiles for IAF Servers and LDAP.
In the security profile of the Natural Web I/O Interface server, you activate IAF support by setting the option IAF Support to "Y". When you do so, you will be prompted to select the IAF server to be used by the Natural Web I/O Interface server. If only one IAF server is defined to Natural Security or one of the IAF servers is defined as default server, this one will be used without your being prompted.
The following type of screen is the primary profile screen which is displayed when you invoke one of the functions Add, Copy, Modify, Display for the security profile of a Natural RPC server:
21:58:38 *** NATURAL SECURITY *** 2012-09-09
- Display NatWebio Server -
Modified .. 2012-09-09 by ABC
NatWebio Server.... WEBSRV01
Description ....... Test environment
--------------- Options -------------
IAF support ............... (N,Y): N
Additional Options ... N
Enter-PF1---PF2---PF3---PF4---PF5---PF6---PF7---PF8---PF9---PF10--PF11--PF12---
Help PrevM Exit AddOp Flip Canc |
The individual items you may define as part of a Natural Web I/O Interface server's security profile are explained below.
| Field | Explanation | |
|---|---|---|
| IAF Support | This option is used to activate the support of the Integrated Authentication Framework (IAF) for the server: | |
| N | IAF support is not active. | |
| Y | IAF support is active: The Natural Web I/O
Interface server will use an IAF server for token validation.
When you set this option to "Y", you will be prompted to select the IAF server to be used. If only one IAF server is defined to Natural Security or one of the IAF servers is defined as default server, this server will be used without your being prompted. The name of the IAF server assigned is displayed. To change the assignment, you press PF9 to select another IAF server. |
|
| See the section IAF Support above for further information. | ||
If you either mark the field Additional Options with "Y" or press PF4, a window will be displayed from which you can select the following options:
Maintenance Information
Security Notes
Owners
The options for which something has already been specified or defined are marked with a plus sign (+).
You can select one or more items from the window by marking them with any character. For each item selected, an additional window will be displayed:
| Additional Option | Explanation |
|---|---|
| Maintenance Information (display only) |
In this window, the following information is displayed:
|
| Security Notes | In this window, you may enter your notes on the security profile. |
| Owners | In this window, you may enter up to eight IDs of
administrators. Only the administrators specified here will be allowed to
maintain this server security profile.
If no owner is specified, any user of type "Administrator" may maintain the security profile. For each owner, the number of co-owners whose countersignatures will be required for maintenance permission may optionally be specified in the field after the ID. For information on owners and co-owners, see the section Countersignatures. |
This section describes the functions used to create and maintain security profiles for Natural Natural Web I/O Interface servers. It covers the following topics:
To invoke Natural Natural Web I/O Interface server maintenance:
On the Main Menu, select Maintenance.
A window will be displayed.
In the window, mark the object type Natural Web I/O Interface Server with a character or with the cursor.
The Natural Web I/O Interface Server Maintenance selection list will be displayed.
From this selection list, you invoke all Natural Web I/O Interface server maintenance functions as described below.
To define a Natural Web I/O Interface server to Natural Security, you create a security profile for it.
To do so:
In the command line of the Natural Web I/O Interface
Server Maintenance selection list, enter the command
ADD .
A window will be displayed.
In this window, enter an ID for the server. The ID
corresponds to the server name as specified with the SRV parameter
at server startup in the installation procedure; see Installing and
Configuring the Natural Web I/O Interface Server in the
Natural Web I/O Interface documentation.
After you have entered a valid ID, the Add Natural Natural Web I/O Interface Server screen will be displayed.
The individual items you may define on this screen and any additional windows that may be part of a server security profile are described under Components of a Natural Web I/O Interface Server Profile above.
When you add a new server profile, the owners specified in your own user security profile are automatically copied into the server security profile.
When you invoke Natural Web I/O Interface Server Maintenance, a list of all Natural Web I/O Interface server profiles that have been defined to Natural Security will be displayed.
If you do not want a list of all existing profiles, but wish only certain servers to be listed, you may use the Start Value option as described in the section Finding Your Way In Natural Security.
On the Main Menu, select Maintenance. A window will be displayed.
In the window, mark the object type Natural Web I/O Interface Server with a character or with the cursor (and, if desired, enter a start value). The Natural Web I/O Interface Server Maintenance selection list will be displayed:
14:49:01 *** NATURAL SECURITY *** 2012-09-09
- NatWebio Server Maintenance -
Co NatWebio Server Description Message
__ _______________________________ _____________________ _____________________
__ WIOS01 Web IO server 01
__ WIOS02 Web IO server 02
__ WIOS11EST Test server 11
__ * NatWebIO server default * Default Server ID
Command ===>
Enter-PF1---PF2---PF3---PF4---PF5---PF6---PF7---PF8---PF9---PF10--PF11--PF12---
Help Exit Flip - + Canc |
For each server, the server ID is displayed.
The list can be scrolled as described in the section Finding Your Way In Natural Security.
The following maintenance functions are available for Natural Web I/O Interface server profiles (possible code abbreviations are underlined):
| Code | Function |
|---|---|
CO |
Copy server profile |
MO |
Modify server profile |
RE |
Rename server profile |
DE |
Delete server profile |
DI |
Display server profile |
To invoke a function for a server profile, mark the server with the appropriate function code in column Co.
You may select various server profiles for various functions at the same time; that is, you can mark several servers on the screen with a function code. For each server marked, the appropriate processing screen will be displayed. You may then perform the selected functions for one server profile after another.
The Copy Server Profile function is used to define a new Natural Web I/O Interface server to Natural Security by creating a security profile which is identical to an already existing one.
All components of the existing security profile will be copied into the new security profile - except the owners (these will be copied from your own user security profile into the new server security profile).
Any links from users to the existing server will not be copied.
On the Natural Web I/O Interface Server
Maintenance selection list, mark the server whose security profile
you wish to duplicate with function code CO.
A window will be displayed. In the window, enter the ID of the new
server. The ID corresponds to the server name as specified with the
SRV parameter at server startup in the installation procedure; see
Installing and Configuring the Natural Web I/O Interface
Server in the Natural Web I/O Interface
documentation.
After you have entered a valid ID, the new security profile will be displayed.
The individual components of the security profile you may define or modify are described under Components of a Natural Web I/O Interface Server Profile above.
The Modify Server Profile function is used to change an existing Natural Web I/O Interface server security profile.
On the Natural Web I/O Interface Server
Maintenance selection list, you mark the server whose security
profile you wish to change with function code MO. The security
profile of the selected server will be displayed.
The individual components of the security profile you may define or modify are described under Components of a Natural Web I/O Interface Server Profile above.
The Rename function allows you to change the server ID of an existing Natural RPC server security profile.
On the Natural RPC Server Maintenance selection
list, you mark the server whose ID you wish to change with function code
RE. A window will be displayed in which you can enter a new ID for
the server profile.
The ID corresponds to the server name as specified with the
SRV parameter at server startup in the installation procedure; see
Installing and Configuring the Natural Web I/O Interface
Server in the Natural Web I/O Interface
documentation.
The Delete Server Profile function is used to delete an existing Natural Web I/O Interface server security profile.
On the Natural Web I/O Interface Server
Maintenance selection list, you mark the server whose profile you
wish to delete with function code DE. A window will be
displayed.
If you have invoked the Delete function and should then decide against deleting the given server security profile, leave the Delete Server Profile window by pressing ENTER without having typed in anything.
If you wish to delete the given server security profile, enter the server ID in the window to confirm the deletion.
If you mark more than one server profile with DE, a window
will be displayed in which you are asked whether you wish to confirm the
deletion of each server security profile with entering the server ID, or
whether all server profiles selected for deletion are to be deleted without
this individual confirmation. Be careful not to delete a server profile
accidentally.
The Display Server Profile function is used to display an existing Natural Web I/O Interface server security profile.
On the Natural Web I/O Interface Server
Maintenance selection list, you mark the server whose security
profile you wish to view with function code DI. The security
profile of the selected server will be displayed.
The individual components of the security profile are explained under Components of a Natural Web I/O Interface Server Profile above.