Abstract for Security Server RACROUTE Macro Reference

Purpose of this information

This information contains information about RACF®, which is part of z/OS Security Server, and supports z/OS Version 2 (5650-ZOS).

This information describes the full-function RACROUTE macro for z/OS®, and the requests that can be invoked by it, including syntax and related information.

Who should read this information

This information is intended (1) for the use of programmers who are writing applications that need to invoke RACF (or another external security product) from MVS™ and (2) for those who write other external security products (that replace RACF) to perform the following functions for MVS:
  • Centralized auditing
  • Resource authorization
  • Resource definition
  • Data encryption
  • User identification and verification.

How to use this information

This information describes the RACROUTE macro and includes interface information. Macro descriptions within the topics are presented in alphabetical order. Each macro description includes:
  • A general description of the service that the macro performs
  • A table of syntax rules that you must follow when you code the macro
  • An alphabetical list of the parameters you can specify and an explanation of each parameter:
These are the major topics in this document:
  • The topic How to use the RACF system macrosprovides information about how to read the syntax tables and how to code the macros.
  • The topic RACF system macrosprovides information about the external system macros that other callers can use to invoke RACF or another security product. This topic includes information about the full-function RACROUTE interface and the macro types that it can invoke.

    Guideline: Use the full-function RACROUTE interface documented in this topic instead of the independent RACF system macros described in Independent RACF system macros.

  • The topic Independent RACF system macrosdescribes macros that can be used to invoke security checking by either RACF or another security product. For RACF 1.9 and later releases, no new keywords are supported on the independent RACF system macro invocations. However, IBM® continues to support the independent invocation of these macros for release levels prior to 1.9. If your installation wants to invoke these macros and use new keywords, your installation must invoke them using the full-function RACROUTE interface documented in RACF system macros.
  • The topic RACF database templatesdescribes the Group, User, Connect, Data Set, General, and Reserved templates for the RACF database.
  • The topic System authorization facility (SAF) and SAF exitsprovides information about the System Authorization Facility (SAF), and SAF exits.
  • The topic SAF interface to an external security productprovides programming information about using the SAF interface with an external security product other than RACF.
  • The topic Supplied class descriptor table entrieslists the class entries supplied by IBM in the class descriptor table (ICHRRCDX).
  • The topic Requesting security servicesprovides guidance information for application programmers requesting the services of the security product.