Run Job Security Exit
The Run Job security exit control point provides a standard interface for security verification of job streams before they are submitted to the job entry system. Specific implementation details include the following:
- The Run Job exit is implemented as an executable load module.
- The name of the load module is user-defined and cannot conflict with any IBM® Connect:Direct® load module names.
- Specify RUN.JOB.EXIT=(modname) in the initialization parameters to activate the Run Job exit.
- You must link-edit the module as re-entrant and place it in a load library that the IBM Connect:Direct DTF can access.
- Because information passed to the exit is located above the 16 megabyte line, you must link-edit the module with AMODE ANY to make it capable of executing in 31-bit mode.
For additional information about exits, see IBM Connect:Direct Exits.
Sample Run Job Security Exits
The $CD.SDGASAMP library contains a sample source module for the most used z/OS security systems. Sample exit routines are:
- DGAXRACJ for IBM RACF and CA-TOP SECRET
- DGAXACRJ for CA-ACF2
The sample exits are designed to ensure that correct security information is coded on each JOB statement in the job stream.
- For IBM RACF and CA-TOP SECRET, a check is made for a valid USER and PASSWORD on each JOB card. If not found, a USER=submitter keyword is added to each JOB card.
- For CA-ACF2, a JOBFROM=submitter keyword is added immediately following each JOB card to ensure that the correct security information is transferred to each submitted job.
- An IBM Connect:Direct Stage2 Exit, DGAXSBRX can be used on the SNODE as RUN JOB EXIT to restrict and reject the use of RUN JOB function. As an exception, node names of PNODEs that are allowed to execute this function on this SNODE are defined in a node table of DGAXSBRX. If the nodename in process matches an entry in the table the function is allowed to continue otherwise the process is rejected with a return code of 8 and msgid of SVTM667I.
If you use one of these exits without coding a value for the RUN.JOB.EXIT initialization parameter, IBM Connect:Direct does not use the default for the RUNJOBID initialization parameter.
Note: Use the Run Job security exit to achieve user propagation for security checks when the job that executes is submitted by the user ID assigned to IBM Connect:Direct rather than the user ID that submitted the job. In most environments, this Exit is not needed.