There are no CICS parameters that let you control transaction-attach security at the individual transaction level, because CICS Transaction Server for z/OS Release 3 transaction-attach security for non-terminal transactions is always done if transaction security is active (SEC=YES and XTRAN is not NO). In this case CICS always checks the authority of any user ID to attach a transaction.
When the transactions are started by the EXEC CICS START TRANSID command with no TERMID but with a USERID operand, they are started using the specified user ID that must be authorized to attach the started transaction. However, when transactions are started by the EXEC CICS START TRANSID command with neither a TERMID nor a USERID operand they inherit the user ID associated with the starting transaction, and the inherited user ID must be authorized to attach the started transaction. Users who were able to run such transactions successfully in prior releases of CICS now authorize to attach these transactions. An option is to customize RACF (exit ICHRFX01) so that the transaction-attach check is always successful for non-terminal transactions. See the CICS RACF security guide for more information about this option.
|
Copyright © 2014 CA.
All rights reserved.
|
|