CICS® uses RACF® to protect the general resources that you can access through a CICS application program. Each resource is described briefly in Table 1, with the associated CICS system initialization parameter that you use to specify the RACF class name. For comprehensive information about application programming commands and system programming commands associated with each system initialization parameter, see Resource and command check cross reference.
Note that no authorization processing is done for BMS commands.
CICS parameter | General resource protected | Further information |
---|---|---|
XAPPC | Partner logical units (LU6.2). | Implementing LU6.2 security. |
XCMD | The subset of CICS application programming commands that are subject to command security checking. EXEC CICS FEPI system commands are also controlled by this parameter. | CICS command security |
XDB2 | DB2® resource classes for DB2ENTRY, are specified to CICS on the XDB2 system initialization parameter | Resource classes for DB2ENTRYs |
XDCT | CICS extrapartition and intrapartition transient data destinations, also known as queues. Define profiles in the destination class to control who is allowed to access CICS transient data queues. | Security for transient data. |
XEJB | Enterprise bean methods | Java™ Applications in CICS |
XFCT | CICS file-control-managed VSAM and BDAM files. Define profiles in the file class to control who is allowed to access CICS VSAM and BDAM files. | Security for files. |
XJCT | CICS system log and general logs. Define profiles in the journal class to control who is allowed to access CICS journals on CICS log streams. | Security for journals and log streams. |
XPCT | CICS started transactions and EXEC CICS commands: COLLECT STATISTICS TRANSACTION, DISCARD TRANSACTION, INQUIRE TRANSACTION, INQUIRE REQID, SET TRANSACTION, and CANCEL. Define profiles in the started-transactions class to control who is allowed access to started CICS transactions. | Security for started and XPCT-checked transactions. |
XPPT | CICS application programs. Define profiles in the program class to control who is allowed to access CICS application programs. | Security for application programs. |
XPSB | DL/I program specification blocks (PSBs). Define profiles in the program specification block class to control who is allowed to access the DL/I PSBs used in CICS application programs. | Security for program specification blocks. |
XTRAN | CICS transactions. | Transaction security. |
XTST | CICS temporary storage destinations. Define profiles in the temporary storage class to control who is allowed to access CICS temporary storage queues. | Security for temporary storage. |
XUSER | Surrogate user security. | Surrogate user security. |