SURROGAT Resource Class—Restrict Preset Security

Resources › SURROGAT Resource Class—Restrict Preset Security

SURROGAT Resource Class—Restrict Preset Security

Valid on z/OS and z/VM.

Use SURROGAT to restrict installation of pre‑set security for terminals to specific ACIDs. SURROGAT can only be used with terminals running under CICS 4.1.

The SURROGAT keyword is used to establish access authorizations and restrictions.

This resource class has the following format for ADDTO/REMOVE:

TSS ADDTO(acid) SURROGAT(acidname.DFHINSTAL)

Prefix length: Two to 17 characters

When used with TSS PERMIT/REVOKE, this resource class has the following format:

TSS PERMIT(acid) SURROGAT(acidname.DFHINSTAL)

Prefix length: Two to 44 characters

This keyword is used with:

The commands CREATE, ADDTO, REMOVE, PERMIT, REVOKE, ADMIN, DEADMIN, WHOHAS, and WHOOWNS
The SURROGAT ACID types User, Profile, Department, Division, Zone, DCA, VCA, ZCA, LSCA, SCA, and MSCA when used with TSS ADD/REMOVE
The SURROGAT ACID types User, Profile, DCA, VCA, ZCA, LSCA, SCA, and MSCA when used with TSS PERMIT/REVOKE
SURROGAT(OWN) authority to ADD or REMOVE terminals from ACIDs
SURROGAT(XAUTH) authority to permit or revoke access to terminals that are owned

The administrator can use any of the following methods to control access to surrogate terminals: Expiration, Facility, Time/Day, and Actions.

Example: SURROGAT resource class

This example installs a terminal with a pre‑set userid of WAREHOUS, an ACID named WAREHOUS must be defined to CA Top Secret with permission to the CICS Facility and any appropriate resources:

TSS ADDTO(CICSDEPT) SURROGAT(WAREHOUS.DFHINSTAL)

This example permits the user defining the terminal access to the SURROGAT resource for WAREHOUS:

TSS PERMIT(CICSADM) SURROGAT(WAREHOUS.DFHINSTL)
                    ACCESS(READ)