The security checks performed at CONNECT time provide two levels of security:
- Bind security allows an FOR that runs without CICS
file security to be able to restrict shared access to selected AORs. (Running
without file security minimizes runtime overheads and the number of security
definitions.)
- File security can be activated in the FOR if you
want SDT to implement those checks that apply to the AOR as a whole.
Note that SDT provides no way of implementing those security checks that
an FOR makes at the transaction level when ATTACHSEC(IDENTIFY) or ATTACHSEC(VERIFY)
is used with function shipping.