RACF PassTicket for IMS Connect client connections to IMS TM

An alternative to the RACF® password is a PassTicket, which you can use for IMS Connect client access to IMS TM. PassTicket allows you to communicate with a host without using a RACF password. When IMS Connect is configured to call RACF directly, you can use PassTicket to authenticate user IDs and log on to computer systems that contain RACF.

For IMS Connect clients that access IMS TM, you can select PassTicket support through the client and send a PassTicket in the IRM in place of a RACF password. IMS Connect issues a RACF call using PassTicket and blanks out the PassTicket field in the OTMA user data header before sending the message to IMS. Because PassTicket occupies the same field as the RACF password and PassTicket cannot be translated to uppercase, the RACF password is also not translated to uppercase. You can use a user message exit to provide uppercase translation.

The IMS Connect PassTicket support for IMS TM clients parallels IMS PassTicket support.
  • You can use existing APPLname definitions for newly connecting IMS Connect clients.
  • Each DATASTORE statement has a parameter APPL=APPLname, where:
    • Each APPL= can be a unique RACF APPLname for each data store.
    • Each APPL= can be the same name for each data store, as required for VGR support, or can be unique per data store.
  • The default APPL=APPLname value is blank.
  • The IMS Connect client can pass an APPLname in the IRM to the user message exit which sets the APPLname in the OTMA user data header or the user message exit can pass and set the appropriate APPLname in the OTMA user data header.

For PassTicket support, you are responsible for all definitions to RACF. You need to establish the RACF encoding and decoding routines and to supply the encoding routine to the distributed platform.

For IMS TM clients, The IMS TM Resource Adapter does not generate RACF PassTickets. PassTickets which have been generated can be passed through IMS TM Resource Adapter by setting the PassTicket value as the password.

This support might require changes to the customer-written user message exits and customer-written client application code. The following list describes options you can select for PassTicket support for IMS Connect clients that access IMS TM:

The APPLname is always passed to RACF. This is true even if PassTickets are not used. As a result, the APPL= keyword on the DATASTORE statement can be used to verify a user's authority to access an IMS Connect data store, even if PassTickets are not used.