|
The DCAS is a TCP/IP server application that
runs on OS/390 V2R10 and later (z/OS included). It interfaces with
a Security Access Facility (SAF)-compliant server product to assist
with express logon services such as Certificate-based Web Express
Logon. In this example, this SAF-compliant server product is IBM Resource
Access Control Facility (RACF). |
Web Express Logon supports two different models for z/OS and DCAS
environments—one in which users are identified via a network
security application and one in which users are identified via client
certificates (called Certificate-based Web Express Logon). The configuration
steps defined in this chapter cover both models with certain information
that is specific to Certificate-based Web highlighted with the following
icon:
|
Refers to information that is specific to Certificate-based
Web Express Logon. |
The following steps show you how to edit and deploy the CMS provided
with
Z and I Emulator for Web, create an SSL key database so that
Z and I Emulator for Web can
communicate with the DCAS, and use the Deployment Wizard to create
your HTML file, configure your 3270 host session, and record your
login macro. In a certificate-based environment, you must also configure
your HTTP server as well as the browser and Java 2 keystore on each
Z and I Emulator for Web client.
In a non-certificate-based environment, you must configure your network
security application and create your HCM database. Both models require
you to configure the Digital Certificate Access Server (DCAS).
|
For more information about configuring Z and I Emulator for Web clients for HTTPS and
client authentication, refer to the Planning, Installing, and Configuring
Z and I Emulator for Web guide
located in the Z and I Emulator for Web
Information Center at Start > Programs > HCL Z and I Emulator for Web > Information
Center or on the web at https://zieweb.hcldoc.com/help/index.jsp. |
|
Steps 5–8 are designed for administrators
who are planning to use the Deployment Wizard to create the HTML file,
configure the host session to use Web Express Logon, and record the
Web Express Logon macro all in one sitting. However, you may decide
to create your HTML file first and then configure your session and
create your macro later. |