[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Authorities in the IFS (DCM)

To: <ftpapi@xxxxxxxxxxxxx>
Subject: Authorities in the IFS (DCM)
From: "ian" <ian@xxxxxxxxxxxxxxxxx>
Date: Fri, 11 Feb 2005 10:32:39 -0000
Importance: Normal
In-reply-to: <20050210232938.G12959@grungy.dstorm.net>
Reply-to: ftpapi@xxxxxxxxxxxxx
Sender: owner-ftpapi@xxxxxxxxxxxxx

Sender: "ian" <ian@xxxxxxxxxxxxxxxxx>

We are experiencing some difficulties in authorities in the IFS which appear
to be random, but I am sure they are not.
We use Scotts httpapi in ssl mode, which in turn evokes a usage of the DCM.
The path to the DCM is:
/QIBM/USERDATA/ICSS/CERT/SERVER/DEFAULT.kdb

Occasionally, some users get the message :
SSL Handshake: (GSKIT)
Access to key database not allowed

If we chase the authorities down the subfolder chain, *PUBLIC has *RX rights
up to the server folder.
SERVER and DEFAULT.kdb have *PUBLIC *EXCLUDE
Changing the *PUBLIC authorities for server and default fixes the problem.

My question is, why do we not get this error for all Users ? Our experience
is something like 50/50 get/do not get/ the error.
There may be something else that affects the access to default.kdb other
than the authorities I have described above.
I note that QSYS retains all rights. Is it possible that some users are
adopting QSYS ?

Any comments would be welcome.

Regards,

Ian Patterson

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubsribe from the list send mail
to majordomo@xxxxxxxxxxxxx with the body: unsubscribe ftpapi mymailaddr
-----------------------------------------------------------------------

Follow-Ups:
- Re: Authorities in the IFS (DCM)
  - From: Scott Klement

References:
- Re: posting ampersand in xml
  - From: Scott Klement

Prev by Date: Re: posting ampersand in xml
Next by Date: Re: FTP API and SSL
Previous by thread: Re: posting ampersand in xml
Next by thread: Re: Authorities in the IFS (DCM)
Index(es):
- Date
- Thread