Writing a Credential Mapper plug-in

ZIETrans provides several Credential Mapper plug-ins. If you decide not to use any of these, you can create your own plug-in.

The function of the Credential Mapper plug-in is to take the user's network ID (and perhaps the application ID) and obtain the appropriate host credentials. In Web Express Logon's implementation, users' network IDs are mapped to their host IDs during this process by way of a Java™ Database Connectivity (JDBC) accessible database. However, you might want to do this by another means, such as LDAP. For this reason, you might want to write your own Credential Mapper plug-in.

In the DCAS/JDBC plug-in, ZIETrans automates z/OS® logins by associating a user's network IDs with their host IDs, and taking the host ID with the application ID and obtaining a RACF-generated passticket from the Digital Certificate Access Server (DCAS), a component of z/OS. This passticket is then used to sign the user on to the host. In your environment, you might not want to use the JDBC association aspect of the provided plug-in. For this reason, ZIETrans provides a DCAS API. This API provides access to RACF-generated passtickets.