XHFS
The XHFS system initialization parameter specifies whether CICS® is to check the transaction user's ability to access files in the z/OS® UNIX System Services file system.
- XHFS={YES|NO}
- At present, this checking applies only to the user ID of the Web client when CICS Web support is returning z/OS
UNIX file data as
the static content identified by a URIMAP definition. The checking is performed only if you have
specified YES for the SEC system initialization parameter. However, the RESSEC option on the
transaction resource definition does not affect this security checking. For further information on
how resource security can provide a further level of security to transaction security, see Resource security for transactions.Note: You can specify the XHFS parameter in the SIT, PARM, or SYSIN only.
- YES
- CICS is to check whether the user identified as the Web client is authorized to access the file identified by the URIMAP that matches the incoming URL. This check is in addition to the check performed by z/OS UNIX System Services against the CICS region user ID. If access to the file is denied for either of these user IDs, the HTTP request is rejected with a 403 (Forbidden) response.
- NO
- CICS is not to check the client user's access to z/OS UNIX files. Note that the CICS region user ID's access to these files is still checked by z/OS UNIX System Services.