This topic contains Product-sensitive Programming
Interface and Associated Guidance Information.
In CICS® Transaction Server for z/OS®, Version 3 Release 1,
the only form of security CICS supports is that provided by an external security
manager (ESM), such as RACF®. CICS uses, by means of the RACROUTE macro, the MVS™ system
authorization facility (SAF) interface to route authorization requests to
RACF.
Figure 1 shows how the MVS router exit and
RACF user exits are invoked when CICS issues a RACROUTE macro.
Figure 1. MVS router exit.
- CICS issues the RACROUTE macro, which invokes the MVS router.
- The MVS router calls the MVS router exit (ICHRTX00)
- If the MVS router exit's return code is zero, the MVS router calls the
RACF router; the RACF router calls the external security manager (RACF in
this example). The security manager may call its own user exits.
- The MVS router returns control to CICS.
See the
z/OS Security Server RACROUTE Macro
Reference for information on how the RACROUTE macro is coded.
The control points at which CICS issues a RACROUTE macro to route authorization
requests are described in CICS security control points.