IBM OS/390 User Manual
You must rewrite all user-replaceable modules except for DFHACEE, DFHUAKP,
DFHXSP and DFHXSE user-replaceable modules, which are obsolete. Also, the
DFHNTRY is replaced by a new user-replaceable module DFHREST.
DFHXSP and DFHXSE user-replaceable modules, which are obsolete. Also, the
DFHNTRY is replaced by a new user-replaceable module DFHREST.
Note:
VSE/ESA System Package (SP) supplied a number of user exits and user
replaceable modules, that are part of the packaging of VSE/ESA. As such these
programs may be similar to other CICS supplied sample program, but are
unique in what they offer VSE/ESA users. If you were using any of the programs
below, you may want to convert the code and/or find similar solutions through
IBM packages and/or vendor programs.
programs may be similar to other CICS supplied sample program, but are
unique in what they offer VSE/ESA users. If you were using any of the programs
below, you may want to convert the code and/or find similar solutions through
IBM packages and/or vendor programs.
IESZATDX - auto install program
IESZNEP - VTAM network error program
DFHXSE and IESEXIT1 - signon program
DFHPEP - program error program (invokes OLPD transaction for ABEND)
SKEXITDA - captures VSE/ESA system activity data from the II and stores the
resulting data in CICS/VSE temporary storage queues.
IESZNEP - VTAM network error program
DFHXSE and IESEXIT1 - signon program
DFHPEP - program error program (invokes OLPD transaction for ABEND)
SKEXITDA - captures VSE/ESA system activity data from the II and stores the
resulting data in CICS/VSE temporary storage queues.
Note:
The above programs are located in VSE/ESA ICCF library 59.
6.1.10 CICS Transaction Security
CICS/ESA security is provided through external security (that is, RACF). Hence
CICS/VSE internal security needs to be converted to an external security facility.
CICS/VSE internal security needs to be converted to an external security facility.
In the MVS environment, RACF provides an external security manager. RACF
controls access to data sets from CICS, TSO, and batch.
controls access to data sets from CICS, TSO, and batch.
The recommendation is to migrate to RACF and CICS/ESA external security.
If you are using RACF as the external manager, consider:
•
All CICS started task names must be defined as user IDs having the authority
to execute all transactions
to execute all transactions
UACC(READ).
•
All transactions must be defined to RACF (even previously unsecured
transactions).
transactions).
•
If using transient data initiated transactions or transactions started on a
terminal, you may need to add an XPCT profile, or allow the default user
UACC(READ).
terminal, you may need to add an XPCT profile, or allow the default user
UACC(READ).
New CICS command RACF resources: EXITPROGRAM, REQID, and STORAGE,
update authority is required to enable, disable, extract, or resync
EXITPROGRAM, and may be administered from the PLT process.
update authority is required to enable, disable, extract, or resync
EXITPROGRAM, and may be administered from the PLT process.
If you are using CICS for VSE/ESA 2.3, you can use the security migration aid to
assist you with your migration of your CICS internal security definitions to an
environment where the resources can be defined with RACF. You will need the
CICS/VSE Security Migration Aid (supported via APAR PN87442) and the
CICS/VSE Security Migration Aid, SC33-1406 manual.
assist you with your migration of your CICS internal security definitions to an
environment where the resources can be defined with RACF. You will need the
CICS/VSE Security Migration Aid (supported via APAR PN87442) and the
CICS/VSE Security Migration Aid, SC33-1406 manual.
6.1.11 CICS UPSI
There is no UPSI in MVS. Execution overrides are in the PARM field of the JCL
statement - EXEC PGM=DFHSIP. The following list identifies the CICS/MVS
equivalents:
statement - EXEC PGM=DFHSIP. The following list identifies the CICS/MVS
equivalents:
Chapter 6. CICS
149