For non-racf users — the esm parameter list, For racf users — the racf user exit parameter list – IBM SC34-6814-04 User Manual

Page 814

Advertising
background image

For non-RACF users — the ESM parameter list

CICS (or another caller) passes information to your external security manager in the
ESM parameter list, the address of which can be calculated using field SAFPRACP
of the MVS router parameter list.

When the caller is CICS, the “INSTLN” field of the ESM parameter list points to the
installation data parameter list, which contains CICS-related information that can be
used by ESM exit programs.

The format of the ESM parameter list, and the actual name of the “INSTLN” field,
vary, depending on which CICS security event is being processed. (The “request
type” field (SAFPREQT) of the router parameter list shows why the ESM is being
called by indicating the RACROUTE REQUEST type.) Table 45 shows how some
formats of the ESM parameter list can be mapped using MVS macros.

Table 45. Mapping the ESM parameter list

RACROUTE REQUEST
type

Parameter list mapping macro

INSTLN field name

VERIFY

IRRPRIPL

INITIPTR (X'10')

AUTH

ICHACHKL

ACHKIN31 (X'20')

FASTAUTH

Not available

Offset X'18'

LIST

Not available

Offset X'0C'

EXTRACT

Not available

None

Note: The INSTLN field points to the installation parameter list only if you specify

INSTLN on the ESMEXITS system initialization parameter. The default value
of this parameter is NOINSTLN, which means that no installation data is
passed.

For RACF users — the RACF user exit parameter list

If you are a RACF user, you can find the address of the installation data parameter
list directly from the RACF user exit parameter list. The name of the relevant field in
the user exit parameter list varies according to the RACROUTE REQUEST type
and the RACF user exit that is invoked. The relationships between REQUEST type,
exit name, and field name are shown in Table 46.

Table 46. Obtaining the address of the installation data parameter list

RACROUTE
REQUEST type

RACF exit

Exit list mapping
macro

Parameter list field
name

VERIFY

ICHRIX01

ICHRIXP

RIXINSTL

VERIFY

ICHRIX02

ICHRIXP

RIXINSTL

AUTH

ICHRCX01

ICHRCXP

RCXINSTL

AUTH

ICHRCX02

ICHRCXP

RCXINSTL

FASTAUTH

ICHRFX01

ICHRFXP

RFXANSTL

FASTAUTH

ICHRFX02

ICHRFXP

RFXANSTL

LIST

ICHRLX01

ICHRLX1P

RLX1INST

LIST

ICHRLX02

ICHRLX2P

RLX2PRPA See note
2.

792

Customization Guide

Advertising
Popular Brands
Popular manuals