Changes to RACF classes
This section summarizes the changes that relate to RACF® classes across supported CICS® releases. Use this information to plan the impact of upgrading from one release to another.
If you are upgrading from an end-of-service release, you can find information about the changes that are relevant to those releases in Summary of changes from end-of-service releases.
For other security-related changes, see Changes to security. For changes to transactions, see Changes to CICS transactions.
| Change (Command) | 5.6 | 6.1 | 6.2 | CICS TS 6.3 |
|---|---|---|---|---|
| CREATE DUMPCODE | NEW: resource identifier DUMPCODE | |||
| INQUIRE JVMENDPOINT | NEW: resource identifier JVMENDPOINT | |||
| SET JVMENDPOINT | NEW: resource identifier JVMENDPOINT | |||
| INQUIRE NODEJSAPP | ||||
| PERFORM JVMSERVER | NEW: resource identifier JVMSERVER ACCESS(UPDATE) is required for the command. ACCESS(UPDATE) is required for the named JVMSERVER resource identifier. |
|||
| INQUIRE OTEL | NEW: resource identifier OTEL | |||
| SET OTEL |
| Change (User ID) | 5.6 | 6.1 | 6.2 | CICS TS 6.3 |
|---|---|---|---|---|
| Default user ID | CHANGED: Default user no longer needs command authority for any CAT 3 CICS transactions. See Default user ID security definitions. | |||
| KERBEROSUSER |
| Change | 5.6 | 6.1 | 6.2 | CICS TS 6.3 |
|---|---|---|---|---|
| Change (Class) | Profile | 5.6 | 6.1 | 6.2 | CICS TS 6.3 |
|---|---|---|---|---|---|
| FACILITY | DFHSIT.HPO | ||||
| IDTDATA | JWT.applid.userid.SAF | NEW: support for JWT with RACF | |||
| SURROGAT | userid.DFHEXCI | NEW: surrogate user checking for EXCI | |||
| SURROGAT | userid.DFHQUERY | ||||
| SURROGAT | userid.SUBMIT | ||||
| SURROGAT | userid.DFHTRMID | NEW: |