Enabling CTGRRMS services

To support XA, CICS® Transaction Gateway issues authorized RRS calls, through CTGRRMS services. Protect these services with RACF®, or another external security manager. Follow these instructions to add the new services, and to protect them.

1. Add hlq.SCTGLINK to the MVS™ LNKLST. This load library must be APF-authorized.
2. Issue the MVS command F LLA,REFRESH to refresh the LNKLST LOOKASIDE address space (LLA).
3. Give the user ID that is running the CICS Transaction Gateway UPDATE authority to the RACF entity CTG.RRMS.SERVICE in the FACILITY class. Activate SETROPTS RACLIST processing for the FACILITY general resource class. When you activate this function, you improve performance because I/O to the RACF database is reduced. If you are using an external security manager other than RACF, see its documentation for information about how to give the user ID that is running CICS Transaction Gateway access to these resources. Issue the TSO commands:

   1. SETROPTS RACLIST(FACILITY)

      Note: If you activate SETROPTS RACLIST processing for the FACILITY class, any time you make a change to a FACILITY profile, you must also refresh SETROPTS RACLIST processing for the FACILITY class for the change to take effect (SETROPTS RACLIST(FACILITY) REFRESH).
   2. Create the entity in the FACILITY class:

      RDEFINE FACILITY CTG.RRMS.SERVICE UACC(NONE)

   3. Enable the user ID for the CICS Transaction Gateway (gway_id):

      PERMIT CTG.RRMS.SERVICE CLASS(FACILITY) gway_id ACCESS(UPDATE)

If the CTGINIT module in SCTGLINK is subsequently refreshed, see Starting, stopping or refreshing the CTGRRMS services.