BSSV Security

jaisejames75

Member
Hello,

Currently we have a user that calls BSSV and have full blown security access in P00950. We would like to limit this access. There Published BSSV Security that allows us to provide access to various published BSSV. But what about any other security type. Can we deny access to *ALL and just provide access to Published BSSV. How have you implemented this in your system. Thanks in advance for your help


Thanks in advance for your help
 
I don't think that other security types are going to affect a BSSV user.

For example, because there is RUN security on P01012, a BSSV user would still be able to communicate to the underlying address book data.

However, if you're asking whether you can start with a "DENY *ALL" closed door security model, then I think the answer is yes - since you wouldn't want the user ID to be used directly to access E1.

Lastly, I haven't really had a chance to see if AIS is affected by Application Security. I would expect that if you had an interface through AIS, and the user ID didn't have access to run P01012, then its likely that AIS wouldn't be able to work.
 
Yes I think AIS does honor the 950 security but I am not sure how P98950M plays out in the security setup. As of now I am just giving *PUBLIC to the respective M** app under P98950M.
 
Thank you Jon/Soumen. I am talking more interms of BSSV only and not AIS. I understand AIS will call the REST API and will be calling an application within E1 and it will not work if the security is not provided. However, with BSSV, it usually call BSFN and Hence denying the access for *all might work. We are going to test this. I wanted to check how others have done. In my previous company we had given full blown access without much issue. However, at my new Job, Auditor wants to remove *ALL from this user. One suggestion was to provide *ALL and remove access fro critical applications. This is still lot of access.
 
Back
Top