Using the IIOP user-replaceable security program

You may optionally provide an IIOP security program to examine elements of the incoming IIOP request and generate a USERID. You must specify the name of your security program on the URM attribute of the TCPIPSERVICE resource definition, and also supply a PROGRAM resource definition for it. If you do not specify a value for URM on the TCPIPSERVICE, no program is called.

The IIOP security program is called only if CICS® cannot obtain a user ID using SSL client authentication. See the CICS RACF® Security Guide for more information.

A sample IIOP security program, DFHXOPUS, is supplied

Your security program may use CICS services, such as a task-related user exit to access DB2®, and application parameters encoded within the body of the request.