Access control list section - connect_cdc_sqdata - 4.1

Connect CDC (SQData) Secure communications components

Product type
Software
Portfolio
Integrate
Product family
Connect
Product
Connect > Connect CDC (SQData)
Version
4.1
Language
English
Product name
Connect CDC (SQData)
Title
Connect CDC (SQData) Secure communications components
Topic type
How Do I
Installation
Copyright
2024
First publish date
2000
ft:lastEdition
2024-02-07
ft:lastPublication
2024-02-07T13:29:14.268926

The Access Control List Section [acls] assigns one or more access "types" to individual users or groups in a comma separated list.

Syntax
[acls]
<user_name> | <group_name> = <access type list>
Keyword and Parameter Descriptions
Keyword Description
<user_name> | <group_name>

Individual user_name/user-id or group_name

<access type list> A comma separated list of one or more of the following access or authorization types listed in ascending order of authority:
  • none - Explicitly assign no authorization. When present in a list all other elements of the list are ignored.
  • query - Allow to query the daemon about the state of the daemon and its agents. That includes the SQDmon utility Inventory and Display commands.

  • read - Allow to read data from an agent. An engine must have such authorization to be able to fetch cdc data from a publisher.

  • write - Not presently used.

  • exec - Allow to start or stop an agents. This type is both agent type and platform specific. Engine and Program (which includes scripts supported on the platform) Types may be started and stopped only on platforms other than z/OS.

  • admin - Allow all rights. This level of access is required for to reload a modified daemon configuration.

  • sysadm - A special rights that allow the ability to shutdown the daemon itself. By default only the user used to run the daemon has that ability, unless that user has been given sysadm access/authorization explicitly or via a group in the acl.cfg file.

Note:
  • When a type of access or authorization is assigned to a group_name, the list will propagate to all users in the group.
  • Access types are cumulative therefore it is only necessary to list the maximum access or authorization allowed for an individual User or Group.
  • The user_name/user_id that starts the daemon, is implicitly granted sysadm access whether or not explicitly assigned to a group or individually assigned another specific access right or authorization.