SECURITY.EXIT | SECURITY = module name | (module name,DATASET|ALL,PSTKT) | (module name,DATASET|ALL) | OFF

This parameter specifies the name of the IBM® Connect:Direct® exit which performs security checking. A sample security exit, DGAMGSAF, is provided in the $CD.SDGASAMP library. You can modify this exit if it does not meet your security requirements.

Value Description
module name A name 1–8 alphanumeric characters long, with the first character alphabetic.
DATASET Specifies that the exit is invoked only for file security; the IBM Connect:Direct Authorization Facility is used for access (signon) security.
ALL Specifies that the exit is invoked for file and access security.
PSTKT Indicates that the local DTF IBM RACF security is defined to accept IBM RACF PassTicket passwords. For more information, see Generating IBM RACF PassTickets .
OFF Specifies that no security exists; all requests are valid.
The following scenarios could occur with this parameter:
  • SECURITY.EXIT = module name
  • SECURITY.EXIT = (module name,DATASET,PSTKT)
  • SECURITY.EXIT = (module name,ALL,PSTKT)
  • SECURITY.EXIT = (module name,DATASET)
  • SECURITY.EXIT = (module name,ALL)
  • SECURITY.EXIT = OFF

If you do not specify the SECURITY.EXIT parameter or it is commented out of the initialization parameters file, customized security is not performed and the IBM Connect:Direct Authorization Facility (AUTH file) is used.

For the first installation of IBM Connect:Direct for z/OS®, specify SECURITY.EXIT = OFF until a security exit is installed.

A user must be defined on all nodes involved in Process execution.

The default is the IBM Connect:Direct Authorization Facility.

Note: You can also code this parameter as SECURITY=

Modifiable through MODIFY INITPARMS command: NO