CECI QUERY SECURITY RESTYPE('TRANSATTACH') RESID('CEMT')
The following message briefly appears on the screen:
TSS7257E Unauthorized Access Level for OTRAN <CEMT>
The message goes away and then the output of the QUERY command is displayed successfully.
If the command is issued multiple times, it suspends the users userid but a violation report shows no violations occurred.
If the NOLOG option is added to the command, the issue does not occur.
Release : 16.0
Component : CA Top Secret for z/OS
Reviewed a Top Secret DIAGTRAP dump for the security violation.
'CECI QUERY SECURITY RESTYPE('TRANSATTACH') RESID('CEMT')'.
4 security calls for ACCESS READ, UPDATE, CONTROL and UPDATE are made for the CECI QUERY.
If user is only authorized to OTRAN(CEMT) with ACCESS(READ), then the other 3 security calls will receive the
TSS7257E security violation message and the response will be:
QUERY SECURITY RESTYPE('TRANSATTACH') RESID('CEMT')
STATUS: COMMAND EXECUTION COMPLETE NAME=
EXEC CICS Query Security
( RESType( 'TRANSATTACH ' ) | RESClass() RESIDLength() )
RESID( 'CEMT ' ... )
< LOGMessage() | LOG | Nolog >
< REAd( +0000000035 ) > <- READABLE
< Update( +0000000038 ) > <- NOT UPDATEBLE
< Control( +0000000057 ) > <- NOT CTRLABLE
< Alter( +0000000053 ) > <- NOT ALTERABLE
RESPONSE: NORMAL EIBRESP=+0000000000 EIBRESP2=+0000000000
Product is working as designed.
Specifying NOLOG on the CECI QUERY SECURITY will suppress the TSS7257E message and the correct response codes will be received from CICS.