The XDCT system initialization parameter
specifies whether you want CICS to perform resource security checking
for transient data queues.
- XDCT={YES|name|NO}
- If you specify YES or a RACF resource class name, CICS calls RACF to verify that the userid
associated with a transaction is authorized to access the transient data queue. Such checking is
performed every time a transaction tries to access a transient data queue.
Note: The checking is
performed only if you have specified YES for the SEC system initialization parameter and specified
the RESSEC(YES) option on the transaction resource definition. For further information on how
resource security can provide a further level of security to transaction security, see
Resource security for transactions.
- YES
- CICS calls RACF, with the default CICS resource class name of CICSDCT prefixed by D or E, to
verify whether the userid associated with the transaction is authorized to access the specified
transient data queue.
The resource class name is DCICSDCT and the grouping class name is
ECICSDCT.
- name
- CICS calls RACF, using the specified resource class name, to check whether the userid associated
with the transaction is authorized to access the specified transient data queue. The resource class
name is Dname and the grouping class name is
Ename.
The resource class name specified must be 1 through 7
characters.
- NO
- CICS does not perform any transient data security checks, allowing any user to access any
transient data queue.
Restrictions: You can specify the XDCT parameter in the SIT, PARM, or SYSIN
only.