search cancel

How to specify an equivalent to RACF's APPLDATA in an ACF2 rule

book

Article ID: 229273

calendar_today

Updated On:

Products

ACF2 ACF2 - z/OS ACF2 - MISC

Issue/Introduction

What is the correct ACF2 parameter for RACF's APPLDATA? 

Example from IBM's IP Programmer's Guide and Reference:
Define security product authority for the profile EZBDOMAIN in the SERVAUTH class within the sysplex that is to use trusted TCP connections. Specify the same security domain name in the APPLDATA  field:

RDEFINE SERVAUTH EZBDOMAIN APPLDATA('security_domain_name')

Resolution

The $USERDATA control statement is how ACF2 passes the APPLDATA in a RACROUTE EXTRACT call. For these types of calls, do not code a SERVICE on the rule line. The rule line should be either ALLOW or PREVENT.

Example: 
$KEY(EZBDOMAIN) TYPE(SER)
$USERDATA(’security_domain_name’)
 UID(uid string -) ALLOW