z/OS with vault-style credential mapping

In this model, users are authenticated in a vault-style environment. Figure 1 illustrates this environment:

Figure 1. Web Express Logon in a vault-style environment
Web Express Logon in a vault-style environment
  1. The user clicks a link to launch the Z and I Emulator for Web desktop, which sends an HTTPS request through the network security application to the Web server.
  2. The Web server returns the HTTPS request and the Z and I Emulator for Web desktop displays.
  3. The user launches a host session.
  4. The login macro executes.
  5. The macro sends an HTTPS request to the CMS to obtain the host credentials.
  6. The CMS retrieves the user's network ID from the Network Security plug-in.
  7. The CMS passes the network ID and application ID to the Vault HCM plug-in.
  8. Using the network ID and application ID, the Vault HCM plug-in calls upon a database, such as IBM DB2, to map the user's host ID and password.
  9. The Vault HCM plug-in passes the user's host ID and password to the CMS.
  10. The CMS returns the host credentials to the client as an XML document.
Parent topic: Supported environments