dfhe4_overview.html |
Last updated: Thursday, 27 June 2019Operators, auditors, and system administrators can see the distributed identity of the user for started tasks.
Identity propagation was introduced in CICS Transaction Server 4.1. With this feature, the client identity contained a distributed identity (usually an X.500 ID) and a realm to be propagated to CICS® in an Extended Context Identity Reference (ICRX). The ICRX was contained in IPIC DPL requests from CICS Transaction Gateway and web services requests. CICS associated the distributed identity with a RACF® user ID using RACMAPs. The ICRX was propagated in CICS in DPL requests using MRO or IPIC. However if the transaction issued a START request, only the RACF user ID was propagated.
From CICS Transaction Server 5.1, the ICRX is also propagated for transactions issuing START commands which do not specify a USERID, or TERMID. If either of these are specified, CICS does not propagate the ICRX.
Identity propagation is not available for START commands function shipped over LU61 or LU62. Identity propagation is also not available for delayed dynamically routed START commands.
Last updated: Thursday, 27 June 2019