An APPC profile can become invalid for a number of reasons; for example:
- The session key expires
- The session key changes and a SETROPS REFRESH takes place in one system
without the corresponding change and refresh occurring in the other system
- The profile is locked while REFRESH takes place.
Sessions that are already acquired still continue to function normally
if bind security fails in another session. If you are using expiring session
keys, then the connection can still be used after the expiry date, if any
of the sessions on the connection were acquired before the date of expiration,
and have remained acquired. Hence, you see the effect of an expiring session
key only when the connection (or session) is acquired.
Note: No warning messages are produced stating that the session key is about
to expire. However, an SMF record can be written when a key is used that
will expire shortly. Therefore, you can use the RACF Report Writer regularly
to find out which keys need maintenance. Otherwise, if expiring session keys
are used, you must remember when the keys are due to expire. You must also
take appropriate action to minimize any disruption that may occur because
the connection is unavailable because of an expired session key. For example,
you should plan for the changing of the session keys, for security rebuilds
(for both CICS systems) and for the possibility of having to reacquire the
connection.
You can avoid the problem of APPC profiles becoming invalid while the connection
is in use by specifying AUTOCONNECT(YES) or AUTOCONNECT(ALL) on the SESSIONS definition.
This causes all sessions to be established (acquired) when the connection
is acquired.