Using conditional access lists for transaction profiles

You can add another element of security by making the access list conditional upon the user being signed on at a particular terminal or console.

For example, if the earlier payroll examples are defined as generic transactions in the TCICSTRN class, you could define conditional access as follows:
RDEFINE  TCICSTRN  PAY*
         NOTIFY(pay_manager)  UACC(NONE)
PERMIT  pay*  CLASS(TCICSTRN)  ID(userid) ACCESS(READ)
              WHEN(TERMINAL(termid))
              WHEN(CONSOLE(*))
Note:
  1. The TERMINAL or CONSOLE class must be active for this support to take effect.
  2. WHEN(TERMINAL(termid)) applies only to explicitly signed-on users, and only in the region where the user is explicitly signed on, and in regions connected to it by MRO links only.
  3. CICS uses only the console and terminal ports of entry.