XJCT
The XJCT system initialization parameter specifies whether you want CICS® to perform journal resource security checking.
Defining XJCT
You can define the XJCT system initialization parameter in the following ways:
- In the PARM parameter of the EXEC PGM=DFHSIP statement.
- In the SYSIN data set of the CICS startup job stream.
- In the DFHSIT macro.
Values for XJCT
Valid values for the XJCT system initialization parameter are as follows:
- XJCT={YES|name|NO}
- If you specify YES, or a RACF® resource class name, CICS calls RACF to verify
that the user ID associated with a transaction is authorized to access the referenced journal. Such
checking is performed every time a transaction tries to access a CICS journal. The checking is performed only if you have specified the
SEC=YES system initialization parameter and the RESSEC(YES)in
the resource definitions. For information on how resource security can provide a further level of
security to transaction security, see Resource security. Note: You can specify the XJCT parameter in the SIT, PARM, or SYSIN only.
- YES
- YES is the default value for XJCT. CICS calls RACF using the default CICS resource class name of CICSJCT prefixed by a J or K, to check whether the user ID associated with a transaction is authorized to access CICS journals referenced by the transaction. The general resource class name is JCICSJCT and the resource group class name is KCICSJCT.
- name
- CICS calls RACF,
using the specified resource class name prefixed by J or K, to verify that the user ID associated
with a transaction is authorized to access CICS journals. The
general resource class name is Jname and the resource group class name is
Kname.
The resource class name specified must be 1 through 7 characters.
- NO
- CICS does not perform any journal resource security checks, allowing any user to access any CICS journal.