Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
Security z/OS JES Application Programming SA32-0987-00 |
|
JES does not perform any SAF call during allocation. When the SPOOL data is opened, JES uses SAF to verify read access to a JESSPOOL resource associated with the data set. SPOOL browse uses both the standard form of the JESSPOOL class resources and modified forms for special system data sets. Any generic characters that may have been specified at allocation are replaced by the actual values for the data set allocated. When a logical data set name was specified for DALDSNAM,
then the format of the resource name passed to SAF is:
In
the resource name:
When a SYSLOG data set is allocated, the format
of the resource name passed to SAF is:
In
the resource name:
If the browse token specifies a recvr userid, the SAF call is performed with the RECVR parameter. When the recvr userid is specified, the logstr parameter should also be supplied. If the data set fails the security check, the open request fails with R15=0C and an error code stored in ACBERFLG (decimal 152). The system performs a SAF call as part of OPEN processing to ensure that the user is authorized to the data set. In JES2, if the user is not authorized, a system abend, code S913, results. In JES3, although control is returned to the application, the DCBOFOPN bit is not set and the application cannot read the data set. After the DCB has been opened, use a GET macro pointing to the DCB to read the file. When processing is complete, use a CLOSE macro to close the file. The same task that opened the DCB must be used to close it. |
Copyright IBM Corporation 1990, 2014
|