CICS® supports resource security checking for CICS-defined DB2ENTRY resources, for which there are no IBM®-supplied RACF® resource classes. For DB2ENTRYs, you define security profiles in user-defined class names, and use the XDB2 system initialization parameter to specify the class name to CICS. The syntax for the XDB2 system initialization parameter is XDB2=NO|name, which does not support a default class name like the other security system initialization parameters. Use the DFH$RACF sample job as an example of how to define DB2® resource class names for CICS use.
Do not use one of the CICS default resource classes in which to define DB2ENTRY profiles. CICS uses RACLIST to activate the profiles in the default resource classes according to the Xname system initialization security parameters you specify, and XDB2 should specify a user-defined class name defined specifically for DB2ENTRY resources.