What infrastructure is required?

RACFBroker requires a z/OS mainframe with RACF installed and configured. It also needs a Java runtime environment to host the RACFBroker/J client component. Network connectivity between the Java application server and the mainframe is essential.

For mainframe products: Does this run in an LPAR?

Yes, RACFBroker/z runs within an LPAR (Logical Partition) on z/OS. It is z/OS dependent and relies on RACF services for security management.

What are the main components of RACFBroker?

RACFBroker consists of two main components: RACFBroker/z, which resides on the z/OS mainframe, and RACFBroker/J, the Java client component that runs on the application server. These components communicate over a network using a defined protocol.

What protocols does RACFBroker use for communication?

The RACFBroker/J component typically communicates with RACFBroker/z using TCP/IP. The specific port used for communication is configurable.

What business problem does RACFBroker solve?

RACFBroker solves the problem of integrating Java applications with RACF security on z/OS. Without it, organizations would need to develop custom solutions or use less secure methods to access mainframe resources from Java applications.

What would happen if an organization did NOT use this product?

If an organization did not use RACFBroker, they would need to implement alternative methods for securing Java applications accessing mainframe resources. This could involve writing custom code, using less secure authentication methods, or foregoing integration altogether, potentially increasing security risks and administrative overhead.

What specific authentication methods are supported?

RACFBroker supports authentication methods provided by RACF, such as user ID and password verification. It leverages RACF's access control lists (ACLs) to determine which users have access to specific resources.

What access control model is used?

RACFBroker uses RACF's access control model, which is primarily an Access Control List (ACL) based system. Permissions are granted to users or groups for specific resources.

What encryption is used and where?

Communication between RACFBroker/J and RACFBroker/z can be encrypted using SSL/TLS to protect sensitive data in transit. RACF itself provides encryption options for data at rest.

What audit/logging capabilities exist?

RACFBroker provides audit logging capabilities that record all authentication attempts and access requests. These logs can be used to monitor security activity and identify potential security breaches.

How is RACFBroker typically deployed?

RACFBroker is typically deployed on-premise, as it integrates directly with a z/OS mainframe environment. The RACFBroker/z component resides on the mainframe, while the RACFBroker/J component is deployed on a Java application server.

What level of technical expertise is required to implement it?

Implementing RACFBroker requires technical expertise in both z/OS and Java environments. Familiarity with RACF security concepts and network configuration is also important.

What ongoing operational requirements exist?

Ongoing operational requirements include monitoring the health and performance of both the RACFBroker/z and RACFBroker/J components. Regular security audits and updates are also necessary to maintain a secure environment.

What are common implementation challenges?

Common implementation challenges include network configuration issues, compatibility problems between different versions of RACF and Java, and ensuring proper security policies are enforced.

Share Your Product Experience

Help the community by sharing your experience with mainframe products. Your insights help others make informed decisions.

Share Your Experience

RACFBroker

Name: RACFBroker
Availability: InStock

XPS Software Active z/OS

Security Sharing UNIX and Windows

Vendor

XPS Software

Product Overview

RACFBroker is designed to bridge Java applications with RACF security on z/OS. It consists of two primary components: RACFBroker/z, which resides on the z/OS mainframe, and RACFBroker/J, the Java client component. RACFBroker/J communicates with RACFBroker/z over TCP/IP, enabling Java applications to authenticate and authorize against RACF.

The architecture involves deploying RACFBroker/z within an LPAR on z/OS, ensuring it has access to RACF services. RACFBroker/J is deployed on a Java application server. The communication protocol supports SSL/TLS for secure data transmission.

The system relies on RACF's access control lists (ACLs) for managing permissions. Key integration points include the Java APIs exposed by RACFBroker/J, which allow developers to perform authentication, authorization, and resource access checks. Alternatives to RACFBroker include custom JNI-based solutions or other security frameworks, but these often lack the tight integration with RACF and require more complex configuration and maintenance.

RACFBroker simplifies the integration process and provides a consistent security layer for Java applications accessing mainframe resources.

Frequently Asked Questions

What does RACFBroker do?

RACFBroker enables Java applications to leverage the security features of RACF (Resource Access Control Facility) on z/OS. It acts as a bridge, allowing Java code to authenticate against RACF and control access to mainframe resources.

Is this a system, application, or tool?

RACFBroker is middleware. It provides a connection between Java applications and the RACF security system on the mainframe, facilitating secure access to resources.

What types of organizations use this?

Organizations that rely on RACF for security on z/OS and want to integrate Java-based applications with their mainframe security infrastructure will find RACFBroker useful. This includes enterprises in banking, finance, insurance, and government sectors.

When should we consider RACFBroker?

A company should consider RACFBroker when they have Java applications that need to access or interact with resources secured by RACF on a z/OS mainframe. This ensures consistent security policies across all applications.

What are the alternatives to RACFBroker?

Alternatives to RACFBroker include custom-built solutions using JNI (Java Native Interface) or other security frameworks that might not directly integrate with RACF. Other options might involve using different security products altogether, but these would require significant changes to the existing security infrastructure.

Related Products

View Details →

UNIX and Windows Networks and Communication

View Details →

3780Link

Active

by Serengeti Systems

z/OSz/VMzVSE/VSEn

3780Link provides a Windows-based emulation of an IBM 2780/3780 terminal, facilitating file transfers to and from mainframe systems via Binary Synchronous Communications (BSC) over RJE....

UNIX and Windows Networks and Communication

View Details →

Help Improve This Directory

Notice outdated information? Have insights about this product? Help the mainframe community stay informed with accurate, current data.

Report Issue Suggest Product Share Event

Are You a Vendor? Claim Your Listing

Take control of your product listings. Add verified information, showcase updates, and unlock a Claimed Vendor badge across the directory.

Claim Your Listing Now

Share Your Product Experience

RACFBroker

Product Overview

Frequently Asked Questions

What does RACFBroker do?

Is this a system, application, or tool?

What types of organizations use this?

When should we consider RACFBroker?

What are the alternatives to RACFBroker?

What infrastructure is required?

For mainframe products: Does this run in an LPAR?

What are the main components of RACFBroker?

What protocols does RACFBroker use for communication?

What business problem does RACFBroker solve?

What would happen if an organization did NOT use this product?

What are the key benefits of using RACFBroker?

What specific authentication methods are supported?

What access control model is used?

What encryption is used and where?

What audit/logging capabilities exist?

How is RACFBroker typically deployed?

What level of technical expertise is required to implement it?

What ongoing operational requirements exist?

What are common implementation challenges?

Related Products

More from XPS Software

Similar Products

Help Improve This Directory

Are You a Vendor? Claim Your Listing