Some possible uses of the TESTAUTH exits are described below.
- Restrict use of the TESTAUTH command to certain users
The initialization
exit can check the user ID and decide, based on your own criteria,
to continue processing the TESTAUTH command or not. The exit can return
a value in parameter entry 10 in the parameter list (see Figure 1)
to indicate that the user is authorized or not authorized to use the
command, or that the user's RACF® authority
should be verified. If the user is not authorized, TESTAUTH issues
a message; otherwise processing continues.
- Change the operands that the user specifies on the command
You
can use the initialization exit to change the operands that users
specify on the TESTAUTH command. The initialization exit receives
the address of the command buffer. It can change the operands the
user specifies on the TESTAUTH command by using a new command buffer.
For example, the initialization exit can scan the command buffer
and correct any errors on the command.
To check the command
buffer and change its contents, the initialization exit can:
- Scan the command buffer and decide, based on your own criteria,
to change the command the user issued
- Obtain storage for a new command buffer
- Build the new command buffer
- Update the key, length, and data fields for the new command buffer
as follows:
- Key
- X'02'
- Length
- the length of the new command buffer
- Data
- the address of the new command buffer
- Set a return code of 0 and return control to the TESTAUTH command processor
The exit must not change the command buffer it receives.
It must create a new command buffer and return the address of the
new command buffer to TESTAUTH.
For more information about the
command buffer and the new command buffer, see TSO/E standard exit parameter list.
For information about the format of the command buffer, see Command buffer.
z/OS TSO/E Customization
Copyright IBM Corporation 1990, 2014