Security for APPC/IMS
APPC/IMS requires security using the System Authorization Facility (SAF) interface to RACF®, or an equivalent security environment. RACF is optional for remote transactions from LU 6.2 application programs.
APPC/IMS supports both the Transaction Authorization exit routine (DFSCTRN0) and the Command Authorization exit routine (DFSCCMD0).
Restrictions:
- APPC/IMS does not support the
/SIGN
command, because it is not required in order to validate the user ID. z/OS® validates user IDs when using RACF; therefore, each APPC/IMS message has a validated user ID. - For IMS commands entered
from remote LU 6.2 application programs: if you do not use RACF or the Command Authorization
exit routine (DFSCCMD0), the default command security allows only
the following four commands:
/BROADCAST
/LOG
/RDISPLAY
/RMLIST