SRR reason codes
The security request recording (SRR) reason codes are returned by SRR to indicate why the security check succeeded or failed.
The SRR reason codes are in the reason column of the SRR spreadsheet. For more information about the SRR spreadsheet, see Example output of security request recording (SRR).
For information about using SRR, see Diagnosing access issues with security request recording (SRR).
The following reason codes are returned by SRR to indicate the authorization status with reasons. When the authorization is successful because of internal CICS® processing, the request is not passed to RACF®.
| Reason code | Authorization status | Description |
|---|---|---|
| CMDSEC(NO) | Successful | The request was not processed because the transaction was defined to ignore command security. |
| RESSEC(NO) | Successful | The request was not processed because the transaction was defined to ignore resource security. |
|
6.2 and later EDF_SET_CMDSEC(NO) 6.2 and later CICS_SET_CMDSEC(NO) 6.2 and later EDF_SET_RESSEC(NO) 6.2 and later CICS_SET_RESSEC(NO) |
Successful | CICS switched off security internally to execute this command. |
|
XCMD=NO
XDB2=NO XDCT=NO XFCT=NO XHFS=NO XJCT=NO XPCT=NO XPPT=NO XPSB=NO XRES=NO XTRAN=NO XTST=NO XUSER=NO |
Successful | Security for this class was disabled by the option that is specified on the corresponding SIT parameter. |
| XPPT=...DPLONLY | Successful | Security was switched off because DPLONLY was specified on the XPPT SIT parameter and this was not the first program that is linked by the mirror program during distributed program link (DPL). |
| EXEMPT=CAT1 | Successful | Category 1 programs can only be run by the region user ID. Therefore, no external security checking is required. |
| EXEMPT=CAT3 | Successful | Category 3 programs can be run by all users. Therefore, no external security checking is required. |
| EXEMPT=PROGRAM | Successful | This is a CICS program that can be accessed by all users. Therefore, no external security checking is required. |
| NOTAUTH | Failed | Authorization not successful. The code will be passed to RACF. |
Other codes might be returned if the CICS XSRC domain gate returns a failure. These are the same as the values in the CICS trace.