Installing EntireX Security under BS2000

This document covers the following topics:


Installing EntireX Security for Broker Kernel

This section describes the steps for installing EntireX Security for Broker kernel under BS2000. The installation procedure has the following steps:

Modify the Broker Attribute File

Start of instruction setTo modify the Broker attribute file

  1. Insert the following parameter in the section DEFAULTS=BROKER of the Broker attribute file:

    SECURITY=YES
  2. Modify the DEFAULTS=SECURITY section of the Broker attribute file according to your requirements. These parameters are used to adjust the security settings. See Security-specific Attributes. Authorization checks are currently not available.

Note:
Setting SECURITY=YES will load the provided load module USRSEC from the EXX load library assigned by LINK-NAME ETBLIB. This module will perform privileged operations, such as executing the SRMUINF macro for various users, and requires Broker running under TSOS.

Start (Restart) Broker Kernel

The Broker must be restarted to pick up changes to the Broker attribute file and to initialize Broker kernel under BS2000 to perform security checks.

Basic installation of EntireX Security for Broker kernel is now complete.

Installing EntireX Security for Applications Using Broker

This section describes the steps for installing EntireX Security for Broker stub under BS2000.

Notes:

  1. If you are running your application(s) with ACI version 7 or below, the following steps are required to install EntireX Security for the Broker stubs in all environments where applications execute either as clients or servers. These steps are not required if you are running your application(s) with ACI version 8 or above.
  2. For usage, see Using Sample Security Exits for Broker Security in the EntireX Broker documentation.

Link the Security Components

For applications running on BS2000 using ACI 7 or below, the Broker stub security component NA2PETS must be linked with the stub BROKER. In addition, LLM SECUEXIT must be made available. The following steps are required:

  • Relink all applications that contain stub BROKER to include module NA2PETS.

  • Assign the EXX load library by using an ADD-FILE-LINK statement with LINK-NAME ETBUSER.

Notes:

  1. These steps are needed for backward compatibility if your applications issue any commands using ACI version 7 or below. Applications using ACI version 8 or above do not require these additional components in the stub.
  2. For ACI version 7 or below, these components must be added to the stub environment utilized by the application.

Installation of EntireX Security for Broker stubs is now complete. Now you can install the security components for the Broker stubs on the remaining operating systems where your application components are located.