Plug-in Security

The type of security depends on the way the plug-in runs.

Security in Pool Mode

When the plug-in is communicating in pool mode, only the user ID and password from Region Definition are used. The user ID and password from CICS Interaction (if present) are ignored. This means that all transactions using the pooled session have the same security credentials.

SECEXIT in CICS can be set up as follows:
  • SEC=NO: Both the user ID and password are ignored. The SXNx transaction runs under the user ID of CSKL.
  • SEC=YES: No SECEXIT is set. The user ID and password from the plug-in are ignored. The SXNx transaction runs under the user ID of CSKL.
  • SECEXIT=SXNSECUR with verify mode (default): The user ID and password are tested with RACF for validity. The SXNx transaction runs under the user ID of the plug-in.
  • SECEXIT=SXNSECID with identify mode: No RACF call. The SXNx transaction runs under the user ID of the plug-in. The user ID of the plug-in must be a surrogate of the user ID of CSKL.

Security in Non-Pool Mode

In non-pool mode, the plug-in security depends on the following factors:
  • Use of the user ID and password.
    • If the plug-in Interaction activity has a mapping to the user ID and password in the Input tab, the mapping fields are used.
    • If the plug-in Interaction activity has a static user ID and password in the General tab, the fields in the General tab are used.
    • Otherwise, the fields in the CICS region definition are used.
  • Setup of SECEXIT in CICS.
    • SEC=NO: Both the user ID and password are ignored. The SXNx transaction runs under the user ID of CSKL.
    • SEC=YES: No SECEXIT is set. The user ID and password from the plug-in are ignored. The SXNx transaction runs under the user ID of CSKL.
    • SECEXIT=SXNSECUR with verify mode (default): The user ID and password are tested with RACF for validity. The SXNx transaction runs under the user ID of the plug-in. The user ID of the plug-in must be a surrogate of the user ID of CSKL.
    • SECEXIT=SXNSECID with identify mode: No RACF call. The SXNx transaction runs under the user ID of the plug-in. The user ID of the plug-in must be a surrogate of the user ID of CSKL.
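
The following Python sketch is an added example, not code from the product. It combines the pool and non-pool rules above to show which credentials the plug-in sends and which user ID the SXNx transaction ends up running under. The function names, the short setting labels, the sample user IDs and the CSKLUSER placeholder are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

Cred = Tuple[str, str]  # (user ID, password); all sample values are constructed


@dataclass
class Resolution:
    source: str         # where the plug-in took its credentials from
    run_as: str         # user ID the SXNx transaction runs under
    racf_checked: bool  # True only when the password is tested with RACF
    notes: List[str]    # points a reviewer would want to see


def select_credentials(pool: bool, region: Cred, static: Optional[Cred] = None,
                       mapped: Optional[Cred] = None) -> Tuple[str, Cred]:
    """Pool mode: region definition only. Non-pool: mapping, then static, then region."""
    if pool:
        return "region definition", region
    if mapped:
        return "Input tab mapping", mapped
    if static:
        return "General tab", static
    return "region definition", region


def resolve(pool: bool, secexit: str, region: Cred, static: Optional[Cred] = None,
            mapped: Optional[Cred] = None, cskl_user: str = "CSKLUSER") -> Resolution:
    """secexit is one of 'SEC=NO', 'SEC=YES' (no SECEXIT), 'SXNSECUR', 'SXNSECID'.
    cskl_user is a placeholder for the user ID that CSKL runs under."""
    source, (user, _password) = select_credentials(pool, region, static, mapped)
    notes: List[str] = []
    if pool and (static or mapped):
        notes.append("interaction credentials ignored in pool mode")
    if secexit in ("SEC=NO", "SEC=YES"):
        notes.append("plug-in credentials ignored; runs under the CSKL user ID")
        return Resolution(source, cskl_user, False, notes)
    if secexit == "SXNSECUR":  # verify mode: user ID and password tested with RACF
        return Resolution(source, user, True, notes)
    if secexit == "SXNSECID":  # identify mode: no RACF call
        notes.append("identify mode: password is not tested with RACF")
        return Resolution(source, user, False, notes)
    raise ValueError(f"unknown SECEXIT setting: {secexit!r}")


if __name__ == "__main__":
    region = ("REGUSR", "constructed-pw")
    print(resolve(True, "SXNSECUR", region, mapped=("ALICE", "constructed-pw")))
    print(resolve(False, "SXNSECID", region, mapped=("ALICE", "constructed-pw")))
```

Running the same set of interactions through resolve() for each candidate SECEXIT setting shows where requests would collapse onto the CSKL user ID or be accepted without a RACF password check.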