To identify an end user to VLF and to connect that end user to a VLF class, issue the COFIDENT macro. Your application must, to maintain the security of your installation's data, ensure that the user is authorized to access the objects. Before you issue COFIDENT, follow your system's security procedures (perhaps using RACF®) to verify the user's authority to access the objects. For a PDS class, open the DDNAME you expect to specify on COFIDENT; otherwise, the COFIDENT will fail.
After verifying that the user is authorized to access the objects, issue COFIDENT. VLF connects the end user to a class and returns a user token that uniquely identifies the user of the class. VLF then ensures that only an identified user can access objects.
This information comes from the user. For a PDS class, the user supplies the DDNAME of the partitioned data set concatenation. VLF determines the data set names in the list. (VLF allows private data sets in the list, but it creates objects only from major names that correspond to the major names specified for the class in the COFVLFxx parmlib member.)
Your application design must allow you to keep track of the relationship between an end user, a class, and the token that connects the two. If a single user needs access to more than one class of VLF objects, you must issue COFIDENT for each class. An end user needs a unique user token for each class.
The SCOPE parameter on COFIDENT determines which tasks can retrieve objects with the returned user token. If you specify SCOPE=HOME, only a task running under the same home address space as the task that issued COFIDENT can retrieve objects with the returned UTOKEN. SCOPE=HOME is the default. If you specify SCOPE=SYSTEM, tasks running in any address space can retrieve objects with the returned UTOKEN.
The value you specify for SCOPE affects only the retrieving of objects with the COFRETRI macro. All other VLF macros that supply the user token must have the same home ASID as the user of COFIDENT.