How to configure basic authentication from CICS
Configure basic authentication from CICS® to a z/OS® Connect server.
This task is applicable when z/OS Connect is used as an API requester.
About this task
- Pass the user's credentials from CICS to the z/OS Connect server by using either:
- Parameters on the Host API BAQINIT call from the CICS application.
- The CICS XWBAUTH user exit.
- If also using the CICS XWBAUTH user exit, customize the supplied URIMAP BAQHZCON with the following specifications,
- USAGE(CLIENT) because CICS is the HTTP client.
- AUTHENTICATE(BASIC) to indicate that the user ID and password credentials are to be provided by the XWBAUTH global user exit.
Note that your CICS application should not provide credentials in an EXEC CICS WEB SEND or WEB CONVERSE command as this is not supported by z/OS Connect and will be ignored.
WORKING-STORAGE SECTION. * API requester Host API required copybooks COPY BAQHAREC. COPY BAQHCONC. ... * User credentials for basic authentication 01 MY-USER PIC X(10) VALUE 'myUsername'. 01 MY-PSWD PIC X(10) VALUE 'myPassword'. PROCEDURE DIVISION. ... * Set user credentials MOVE BAQZ-SERVER-USERNAME TO BAQ-ZCON-PARM-NAME OF BAQ-ZCON-PARMS(1) SET BAQ-ZCON-PARM-ADDRESS OF BAQ-ZCON-PARMS(1) TO ADDRESS OF MY-USER MOVE LENGTH OF MY-USER TO BAQ-ZCON-PARM-LENGTH OF BAQ-ZCON-PARMS(1) MOVE BAQZ-SERVER-PASSWORD TO BAQ-ZCON-PARM-NAME OF BAQ-ZCON-PARMS(2) SET BAQ-ZCON-PARM-ADDRESS OF BAQ-ZCON-PARMS(2) TO ADDRESS OF MY-PSWD MOVE LENGTH OF MY-PSWD TO BAQ-ZCON-PARM-LENGTH OF BAQ-ZCON-PARMS(2). * Make the BAQINIT call ...
For more information, see CICS as an HTTP client: authentication and identification, HTTP client send exit XWBAUTH and URIMAP attributes in the CICS documentation.