Specifying security for MSC transaction types
The MSCSEC= startup parameter, which is found in the DFSDCxxx PROCLIB member, includes two positional parameters. The first positional parameter allows you to specify—based on the MSC transaction type—if and when a receiving IMS calls RACF® and exit routines to check security for a transaction.
The are two types of transactions that can be received on an MSC link for which you might perform security checking: direct-routed transactions and non-direct-routed transactions. You specify which type of transactions that you want RACF and exit routines to check security for by using the first positional parameter of MSCSEC=. The options are:
- LRDIRECT
- RACF and exit routines check security on direct-routed transactions and no security checking is performed for non-direct-routed transactions. This is the default.
- LRNONDR
- RACF and exit routines check security on non-direct-routed transactions and no security checking is performed for direct-routed transactions.
- LRALL
- RACF and exit routines check both types of transactions.
- LRNONE
- The IMS system does not request any security checking for either type of transaction.
When you use RACF and exit routines to check security for transactions that are received from an MSC link, the receiving IMS system calls RACF and DFSCTRN0 after calling the TM and MSC Message Routing and Control user exit routine (DFSMSCE0).