XTST

The XTST system initialization parameter specifies whether you want CICS to perform security checking for temporary storage queues and optionally specifies the RACF resource class name in which you have defined the temporary storage security profiles.

XTST={YES|name|NO}

You can specify the XTST parameter in the SIT, PARM, or SYSIN only. If you specify YES, or a RACF resource class name, CICS calls RACF to verify that the userid associated with a temporary storage request is authorized to access the referenced temporary storage queue.

Security checking for temporary storage queues is performed only if you have specified all of the following options in addition to the XTST parameter:

YES for the SEC system initialization parameter
RESSEC(YES) in the relevant TRANSACTION resource definitions
SECURITY(YES) in your TSMODEL resource definitions
If you use a temporary storage table (TST), the DFHTST TYPE=SECURITY macro

For further information on how resource security can provide a further level of security to transaction security, see Resource security for transactions.

YES: CICS calls RACF, using the default CICS resource class name of CICSTST prefixed by S or U, to verify that the userid associated with the transaction is authorized to access temporary storage queues referenced by the transaction. The resource class name is SCICSTST and the corresponding grouping class name is UCICSTST.
name: CICS calls RACF, using the specified resource class name prefixed by S or U, to verify that the userid associated with a transaction is authorized to access temporary storage queues.
The name specified must be 1 through 7 characters.
NO: CICS does not perform any temporary storage security checks, allowing any user to access any temporary storage queue.