EXCI connection security

EXCI connections enforce link, bind and user security. Link security restricts the resources that can be accessed over a connection to a CICS server, bind security prevents an unauthorized client system from connecting to CICS, and user security restricts the CICS resources that can be accessed by a user.

Link security

By default, the link user ID that CICS uses for these security checks is the user ID under which the Gateway daemon runs; to override this, specify a USERID parameter in the SESSIONS definition.

Bind security

The client application is treated in the same way as a CICS server for MRO logon and connect (bind-time) security checking; when the client connects, the CICS interregion communication program (IRP) performs logon and bind-time security checks against the user ID under which the client is running.

User security

A number of settings and security checks ensure validation of user IDs and passwords.

See also Configuring for client certificate mapping.

A user ID can also be obtained from a mapping of an SSL client certificate. For more information, see User authentication using SSL client certificates.


Information Information

Feedback


Timestamp icon Last updated: Tuesday, 19 November 2013


https://ut-ilnx-r4.hursley.ibm.com/tgzos_latest/help/topic/com.ibm.cics.tg.zos.doc//ctgzos/secure_conn_exci.html