z/OS CICS Security Considerations
Security Considerations for Sun CICS Listener
The CICS Adapter, using the Sun CICS Listener as the underlying connection transport, utilizes three modes of security with z/OS: Connection Logic, Request Link to Program, and Request Start Transaction. The userID and password are defined in the Adapter properties file. The connection manager uses the userID and password in the properties file to start the Sun CICS Listener on z/OS. During Business Rules processing, requests that flow into the Sun CICS Listener can use the userID and password from the properties file, or can be overwritten in the Collaborations.
Connection Logic
For the Connection Logic mode, the userID and password, passed from the CICS Adapter through the IBM CICS listener and into the Sun CICS Listener, must be defined for the z/OS security system (RACF, for example). The userID must be authorized by the z/OS security system to run CICS transaction “xxxx” inside of CICS. The default value for “xxxx” is STCL, and can be changed in the properties of the Connection Manager in the CICS Adapter.
Request Link to Program
For the Request Link to Program mode, the userID and password passed from the CICS Adapter to the Sun CICS Listener must be defined for the z/OS security system (RACF, for example). The userID must be authorized by the z/OS security system to run CICS program “prog1” inside of CICS. The default value for “prog1” is set in the properties of the CICS Adapter, and can be overridden in the Collaboration for each request sent into the Sun CICS Listener.
Request Start Transaction
For the Request Start Transaction mode, the userID and password passed from the CICS Adapter to the Sun CICS Listener must be defined for the z/OS security system (RACF, for example). The userID must be authorized by the z/OS security system to start CICS transaction “TRN1” inside of CICS. The default value for “TRN1” is set in the properties file of the CICS Adapter, and can be overridden in the Collaboration for each request sent into the Sun CICS Listener.
Security Considerations for IBM CICS Transaction Gateway
For information on CICS Transaction Gateway security validation refer to the following:
-
IBM documentation CICS Transaction Gateway z/OS Administration or the CICS Transaction Gateway Administration Guide for your specific operating system, available at: http://www-306.ibm.com/software/htp/cics/library/cicstgv5.html
-
Readme.txt for CTG 5.1 provided on the CTG 5.1 installation CD_ROM
-
APAR OW55570 (for RACF)
- © 2010, Oracle Corporation and/or its affiliates