The XUSER system
initialization parameter specifies whether CICS® is to perform surrogate user checks.
- XUSER={YES|NO}
- You can specify the XUSER parameter in the
SIT, PARM, or SYSIN only. Valid values are as follows:
- YES
- CICS is to perform surrogate
user checking in all those situations that permit such checks to be
made; for example, on EXEC CICS START
commands without an associated terminal. Surrogate user security checking
is also performed by CICS against
user IDs installing or modifying DB2 resource definitions that specify
AUTHID or COMAUTHID.
Note: The
XUSER parameter
is also used by CICS to control
access to the AUTHTYPE and COMAUTHTYPE attributes on DB2® resource definitions, although not through
surrogate user checks. For more information about AUTHTYPE and COMAUTHTYPE
attributes, see
DB2CONN resources.
For
information about the various circumstances in which CICS performs surrogate user checks, see Surrogate user security.
- NO
- CICS is not to perform
any surrogate user checking.
For information on how resource security can provide a further level of security to transaction
security, see Resource security for transactions.