The bypass and protect lists can be used in combination to selectively limit resource security in CICS. The bypass list provides the ability to bypass security resource checks. Resource names added to the bypass list are interpreted as generic prefixes.
The TRANID list, which is a subset of the BYPASS list, bypasses all security checks for an individual transaction. Entries specified in the TRANID bypass list bypass all security checks including OTRAN, LCF and FCT. This includes both LOCKTIME and job-submit processing.
The protect list forces a security check for a resource.
Note: TRANID does not bypass application interface calls.
Example: bypass and protect list
This example shows how the bypass and protect lists are used in conjunction to help tune your CICS security implementation:
TRANID bypass list: D TRANDID protect list: DPAY
User enters:
DISP - resource check bypassed DABC - resource check bypassed DPAY - resource check occurs
In this example, the TRANID bypass list is set to D. The TRANID protect list is set to DPAY.
A user attempting to enter transaction DISP or DABD will not incur a security check. But, if the user attempts to execute the DPAY transaction, a security resource check takes place.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|