Access to named counter servers

You can control access by CICS regions to the named counter servers. A security check is made against the CICS region userid to verify that the region is authorized to use the services of a named counter server. This check is made each time that a CICS region connects to a named counter server.

Give each CICS region userid that connects to a named counter server UPDATE access to the CICS RACF profile called DFHNC.poolname in the FACILITY general resource class. This authorizes the CICS region to use the services of the named counter server for the named named counter pool.

For example, if the userid of a CICS region is CICSDAA1, and the pool name is DFHNC001, the following RACF commands define the profile and provide the required access:
RDEFINE FACILITY DFHNC.DFHNC001 UACC(NONE)
PERMIT DFHNC.DFHNC001 CLASS(FACILITY) ID(CICSDAA1) ACCESS(UPDATE)

When a CICS region has connected to a named counter pool, it can define, update, delete, get, rewind, and query named counters without any further security checks being performed by the server.

Note: Unlike shared temporary storage pools and coupling facility data table pools, named counters can also be accessed by batch application regions. Batch jobs are subject to the same security mechanisms as a CICS region.