CA JCLCheck must be given READ access to all input sources, such as JCL libraries, procedure libraries, utility control members, and catalogs. Access to existing partitioned data sets that reference a member name in the JCL must also be given access to validate the JCL. When using the AUTOPROC feature, security is called for each PROCLIB that JES2 returns. If security fails, CA JCLCheck issues message CAY6488, and the library is omitted from allocation.
CA JCLCheck can also interface with external security products such as CA ACF2, CA Top Secret, and RACF. CA JCLCheck verifies whether a user has access authority to DATA SET, DASDVOL, PROGRAM, STORCLAS, and MGMTCLAS resources. This type of security prevalidation helps reduce the incidence of S913 ABENDs and job failures when the job is submitted. The security prevalidation option is activated by using runtime options SECURITY(options) and USER(userID). The runtime option USER(userID) is optional. USER(userID) is required only when you are checking if the SECID is different from the SECID of the submitter.
|
Copyright © 2013 CA.
All rights reserved.
|
|