How windows-mode security works
Like any security interface, MainView windows-mode security does not actually protect resources itself.
Instead, the interface identifies MainView resources to your ESM and asks if a user is authorized to access the resource, as described here:
MainView resources are identified to the ESM by using a class name and entity names.
When a user requests access to a protected resource, the MainView product passes the resource class name and entity name to the MainView security interface.
The MainView security interface passes the resource class name and entity name to the System Authorization Facility (SAF).
SAF passes the request to the ESM and, in effect, asks the ESM 'Can this user access this resource under these circumstances?'
The ESM checks the user ID against the existing permit, profile, or rule (depending on the ESM) that protects the resource.
The ESM responds to the question with yes, no, or maybe, and then relays that response through SAF to the MainView security interface.
The MainView security interface relays the ESM response (permitting or denying user access to the resource) to the MainView product.