Changes to TCPIPSERVICE resource definition
The
TCPIPSERVICE has a new attribute:
- MAXDATALEN(32|number)
- Defines the maximum length of data that can be received by CICS® as an HTTP
server, on the HTTP protocol or the USER protocol. The default value is 32K.
The minimum is 3K, and the maximum is 524288K. To increase security for CICS Web
support, specify this option on every TCPIPSERVICE definition for the HTTP
protocol. It helps to guard against denial of service attacks involving the
transmission of large amounts of data.
A new USER option is available on the PROTOCOL attribute.
Processing for all non-HTTP requests must now be carried out under the USER
protocol. No parsing is carried out for messages received on the USER protocol,
and requests that have been divided up for transmission across the network
are not automatically assembled. This is the same behavior as when handling
non-HTTP messages in earlier CICS releases.
- PROTOCOL(ECI|HTTP|IIOP|USER)
- Specifies the application level protocol used on the TCP/IP port.
- ECI
- The CICS ECI
protocol is used.
- HTTP
- HTTP protocol is used. HTTP protocol is handled by CICS Web support. CICS performs basic acceptance checks for
messages sent and received using this protocol. This protocol is required
for the well-known ports 80 (used for HTTP without SSL) and 443 (used for
HTTP with SSL).
- IIOP
- IIOP protocol is used. Specify IIOP for TCPIPSERVICEs that are to accept
inbound requests for enterprise beans.
- USER
- The user-defined protocol is used. Messages are processed as non-HTTP
messages. They are flagged as non-HTTP and passed unchanged to the analyzer
program for the TCPIPSERVICE. CICS Web support facilities are used for
handling the request, but no acceptance checks are carried out for messages
sent and received using this protocol. Processing for all non-HTTP requests
must be carried out under the USER protocol, so that they are protected from
the basic acceptance checks which CICS carries out for requests using the
HTTP protocol. If an HTTP message is handled by the USER protocol, you are
responsible for checking its validity.
The attributes of the TCPIPSERVICE resource definition
that are used when PROTOCOL is set to USER, are the same as those used when
PROTOCOL is set to HTTP. URIMAP definitions are not used with the USER protocol.
The
new CICS-supplied transaction CWXU, the CICS Web user-defined protocol attach transaction,
is the default when the protocol is defined as USER. CWXU executes program
DFHWBXN.
The SOCKETCLOSE attribute is now described as follows. Note
that SOCKETCLOSE should not be specified as 0 for the HTTP protocol.
- SOCKETCLOSE(NO|hhmmsss)
- Specifies if, and for how long, CICS should wait before closing the socket,
after issuing a receive for incoming data on that socket.
- NO
- The socket is left open until it is closed by the client, or by a user
application program in CICS.
- hhmmss
- The period of time (in HHMMSS format) after which CICS is to time out the socket. Choose
a value that is appropriate to the responsiveness of the client, and the reliability
of your network. Specifying 000000 closes the socket immediately if no data
is available for any RECEIVEs other than the first one.
If you are using a TCPIPSERVICE for CICS Web Support with the HTTP protocol,
SOCKETCLOSE(0) should not be specified. A zero setting for SOCKETCLOSE means
that CICS closes
the connection immediately after receiving data from the Web client, unless
further data is waiting. This means that persistent connections cannot be
maintained.
If you specify PROTOCOL(ECI) you must specify SOCKETCLOSE(NO).
The
SOCKETCLOSE attribute does not apply to the first RECEIVE issued after a connection
is made. On the first RECEIVE request, for the HTTP, USER and ECI protocols, CICS waits
for data for 30 seconds before closing the socket. For the IIOP protocol, CICS waits
indefinitely.
After the TCPIPSERVICE is installed, you cannot change
this value using CEMT; you must set the TCPIPSERVICE out of service, then
re-install the TCPIPSERVICE with the modified definition.