z/OS JES2 Initialization and Tuning Guide
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


MVS Security Authorization Facility (SAF)

z/OS JES2 Initialization and Tuning Guide
SA32-0991-00

During its processing, JES2 will pass information to the security authorization facility (SAF) to perform password validation, to request authority to access a resource, to build or obtain a security token for a resource, or to determine security information in a certain environment. When SAF receives the request, it determines if RACF® is active. If RACF is active, SAF passes the request to RACF; if RACF is not active, SAF returns immediately to JES2 with a response indicating that SAF could not validate the request and any existing JES2 security processing controls the resource. Using JES2 to provide security describes the existing JES2 security processing. When SAF indicates a decision on a security request, JES2 bypasses its own security processing.

In your exit routines, you can use JES2 macros to place additional calls to SAF. The exit routines can do security processing. The JES2 exits available are:
  • Exit 36 (Pre-security Authorization Call)
  • Exit 37 (Post-Security Authorization Call)
  • Exit 38 (TSO/E Receive Data Set Disposition)
  • Exit 39 and 55 (NJE SYSOUT Data Set Disposition)

See z/OS JES2 Installation Exits for information about the security exits, macros, and invoking SAF in your exit routines.

Go to the previous page Go to the next page




Copyright IBM Corporation 1990, 2014