Responses from the system authorization facility (SAF)

If the security profile for a specified resource is not retrieved, SAF neither grants nor refuses the access request. In this situation:

IRC rejects the logon or connect request if:
IRC allows the logon or connect request if:
Any CICS region without a specific DFHAPPL.applid profile, or applicable generic profile, permits all logon and connect requests. No messages are issued to indicate this. To avoid any potential security exposures, you can use generic profiles to protect all, or specific groups of, regions before, or in parallel with, security measures for specific regions. For example, specifying
RDEFINE FACILITY (DFHAPPL.*) UACC(NONE)
ensures that any region without a more specific profile is prevented from binding.