XFCT
The XFCT system initialization parameter specifies whether you want CICS® to perform file resource security checking, and optionally specifies the RACF® resource class name in which you have defined the file resource security profiles.
- XFCT={YES|name|NO}
- If you specify YES, or a RACF resource class name, CICS calls RACF to verify
that the userid associated with a transaction is authorized to access File Control-managed files.
Such checking is performed every time a transaction tries to access a file managed by CICS file control. The checking is performed only if you have
specified YES for the SEC system initialization parameter and specified the RESSEC(YES) option on
the resource definitions. For further information on how resource security can provide a further
level of security to transaction security, see Resource security for transactions. Note: You can specify the XFCT parameter in the SIT, PARM, or SYSIN only.
- YES
- CICS calls RACF, using the default CICS resource class name of CICSFCT prefixed by F or H, to verify that the userid associated with a transaction is authorized to access files reference by the transaction. The resource class name is FCICSFCT and the grouping class name is HCICSFCT.
- name
- CICS calls RACF,
using the specified resource class name, to verify that the userid associated with a transaction is
authorized to access files referenced by the transaction. The resource class name is
Fname and the grouping class name is Hname.
The resource class name specified must be 1 through 7 characters.
- NO
- CICS does not perform any file resource security checks, allowing any user to access any file.