What is authorization?
A. Authorization is the granting of official permission to work with specific applications, resources, and services. Authorization information will be used to 1) access the Electronic GC1 or GCS Internal Office Systems, and 2) determine who can approve proposals during electronic routing and approval. See Authorization for more details.
Authorization verifies that a client may access the requested resource (a file or database, for example) in the requested way or manner (read, write, add, change, delete, and so on). Authorization is the responsibility of the server application program. The application performs this function by using the client user ID and client LU name provided by the server LU. The server application must never depend on any data sent to it by the client application for user identification since application data can easily be corrupted. Because client authentication is the responsibility of the LUs, the server application should not make any further attempt to authenticate the client. If a server application needs to determine the NJE node name (for example, RSCS or JES2) of the client, it should do so by using the client LU name and LU name, not by getting the node ID or other identifying information from the application data stream.
