search cancel

How is security set for the XPFS and XPFT transactions in a CICS region?

book

Article ID: 54022

calendar_today

Updated On:

Products

CIS COMMON SERVICES FOR Z/OS 90S SERVICES DATABASE MANAGEMENT SOLUTIONS FOR DB2 FOR Z/OS COMMON PRODUCT SERVICES COMPONENT Common Services Datacom/AD CA ECOMETER SERVER COMPONENT FOC EASYTRIEVE REPORT GENERATOR FOR COMMON SERVICES INFOCAI MAINTENANCE IPC UNICENTER JCLCHECK COMMON COMPONENT Mainframe VM Product Manager CHORUS SOFTWARE MANAGER CA ON DEMAND PORTAL CA Service Desk Manager - Unified Self Service PAM CLIENT FOR LINUX ON MAINFRAME MAINFRAME CONNECTOR FOR LINUX ON MAINFRAME GRAPHICAL MANAGEMENT INTERFACE WEB ADMINISTRATOR FOR TOP SECRET Xpertware Compress Data Compression for MVS Compress Data Compression for Fujitsu Cross Enterprise Application Performance Management (APM) SYSVIEW Performance Management NXBRIDGE - SYSVIEW/ENDEVOR

Issue/Introduction

Description:

Some clients ask how they should set security for the XPFS and XPFT transactions in a CICS region. They are usually run by using the line commands INIT and TERM on the SYSVIEW CICSLIST panel. The commands INIT and TERM in SYSVIEW run the XPFS and XPFT transactions in a CICS region. By default, those transactions are run by the CICS default user, which consequently must be granted the right to run them. But you probably do not want to give that right to the CICS default user, because if you do then all users would be able to stop/start SYSVIEW CICS monitoring directly from within CICS.

Solution:

There is nothing that can be done in SYSVIEW itself to control this. Unlike the XPFI transaction, which can be controlled through the instructions in 'Assign a userid to the XPFI CICS transaction' under the TOPICS facility of SYSVIEW, the XPFS and XPFT transactions are controlled by the security settings for the CICS Console terminal definition that control the userid assigned to it.

The INITPARM method is available to assign a userid to the XPFI transaction because SYSVIEW itself starts that transaction programmatically, but XPFS and XPFT are invoked externally to SYSVIEW's control.

So, in the CICS Resource Definition Guide under TERMINAL, look at the USERIDĀ attribute.

The INIT/TERM commands are actioned by SYSVIEW by issuing an MVS modify command to the CICS region to run the XPFS or XPFT transaction. CICS should then receive/process/run the transaction on its Console terminal. It is the security settings for the CICS Console terminal definition that control the userid assigned to it.

Environment

Release: FAQSO.00200-11.6-SYSVIEW-Performance Management
Component: