Invoking an external security manager

CICS® provides an interface to an external security manager (ESM), which can be the Resource Access Control Facility (RACF®), a vendor product, or user-written. CICS security uses the MVS™ system authorization facility (SAF) interface to route authorization requests to the external security manager (ESM).

Typically, if RACF is present, the MVS router passes control to it. However, you can modify the action of the MVS router by invoking the router exit.

The router exit can be used, for example, to pass control to a user-written or vendor-supplied ESM. If you want to use your own security manager, you must supply an MVS router exit routine.

Note: This information is intended primarily for non-RACF users. For definitive information about security processing using RACF, refer to RACF facilities.