User domain’s specific gates

Table 112 summarizes the user domain’s specific gates. It shows the level-1 trace point IDs of the modules providing the functions for the gates, the functions provided by the gates, and whether or not the functions are available through the exit programming interface (XPI).

Table 112. User domain’s specific gates
Gate Trace Function XPI
USAD
US 0201
US 0202
ADD_USER_WITH_PASSWORD
ADD_USER_WITHOUT_PASSWORD
DELETE_USER
INQUIRE_USER
INQUIRE_DEFAULT_USER
VALIDATE_USER
NO
NO
NO
NO
NO
NO
USFL
US 0501
US 0502
FLATTEN_USER
UNFLATTEN_USER
TAKEOVER
NO
NO
NO
USIS
US 0201
US 0202
SET_USER_DOMAIN_PARMS
NO
USXM
US 0401
US 0402
ADD_TRANSACTION_USER
DELETE_TRANSACTION_USER
END_TRANSACTION
FLATTEN_TRANSACTION_USER
INIT_TRANSACTION_USER
INQUIRE_TRANSACTION_USER
TERM_TRANSACTION_USER
UNFLATTEN_TRANSACTION_USER
NO
NO
NO
NO
NO

USAD gate, ADD_USER_WITH_PASSWORD function

The ADD_USER_WITH_PASSWORD function of the USAD gate is used to add a user to the CICS® region and verify the associated password or oidcard.

Input parameters

USERID
is the identifier of the user (a userid of 1 through 10 alphanumeric characters) to be added to the security domain.
USERID_LENGTH
is the length of the USERID value.
[PASSWORD_TYPE]
specifies if the password is masked. It can have either of these values:
CLEAR|MASKED
[PASSWORD]
is the current password, 1 through 10 alphanumeric characters, for the userid specified by the USERID value.
[PASSWORD_LENGTH]
is the 8-bit length of the PASSWORD value. This parameter is only valid if PASSWORD is also specified.
[NEW_PASSWORD]
is a new password, 1 through 10 alphanumeric characters, to be assigned to the userid (specified by the USERID value). This parameter is only valid if PASSWORD is also specified.
[NEW_PASSWORD_LENGTH]
is the 8-bit length of the NEW_PASSWORD value. This parameter is only valid if NEW_PASSWORD is also specified.
[OIDCARD]
is an optional oidcard (operator identification card); a 65-byte field containing further security data from a magnetic strip reader (MSR) on 32xx devices.
[GROUPID]
is an optional identifier, 1 through 10 alphanumeric characters, of a RACF® user group to which the userid (specified by the USERID value) is to be assigned.
[GROUPID_LENGTH]
is the 8-bit length of the GROUPID value. This parameter is only valid if GROUPID is also specified.
[ENTRY_PORT_NAME]
is an optional name of an entry port, 1 through 8 alphanumeric characters, to be assigned to the userid (specified by the USERID value).
[ENTRY_PORT_TYPE]
is the type of the optional entry port to be assigned to the userid (specified by the USERID value). It can have either of these values:
TERMINAL|CONSOLE
This parameter is only valid if ENTRY_PORT_NAME is also specified.
[SCOPE_CHECK]
indicates whether or not scope checking is to be performed for this function call. It can have either of these values:
YES|NO
SIGNON_TYPE
is the type of signon for the userid (specified by the USERID value). It can have any of these values:
ATTACH_SIGN_ON|DEFAULT_SIGN_ON|IRC_SIGN_ON|
LU61_SIGN_ON|LU62_SIGN_ON|NON_TERMINAL_SIGN_ON|
PRESET_SIGN_ON|USER_SIGN_ON|XRF_SIGN_ON
APPLID
is the application identifier for the CICS region.

Output parameters

USER_TOKEN
is the token identifying the userid in the user domain.
[SAF_RESPONSE]
is the optional 32-bit SAF response code to the call.
[SAF_REASON]
is the optional 32-bit SAF reason returned with SAF_RESPONSE.
[ESM_RESPONSE]
is the optional 32-bit ESM response code to the call.
[ESM_REASON]
is the optional 32-bit ESM reason returned with ESM_RESPONSE.
RESPONSE
is the domains response to the call. It can have any of these values:
OK|EXCEPTION|DISASTER|INVALID|KERNERROR|PURGED
[REASON]
is returned when RESPONSE is DISASTER or EXCEPTION. Possible values are:
RESPONSE Possible REASON values
DISASTER
DEL_TIMEOUT_ENTRY_FAILED
EXTRACT_FAILED
GETMAIN_FAILED
EXCEPTION
ALREADY_SIGNED_ON
PASSWORD_REQUIRED
NEW_PASSWORD_REQUIRED
OIDCARD_REQUIRED
INVALID_USERID
INVALID_PASSWORD
INVALID_NEW_PASSWORD
INVALID_OIDCARD
INVALID_GROUPID
INQUIRE_PW_DATA_FAILED
USERID_NOT_IN_GROUP
UNKNOWN_ESM_RESPONSE
SECURITY_INACTIVE
ESM_INACTIVE
ENTRY_PORT_NOTAUTH
APPLICATION_NOTAUTH
USERID_REVOKED
GROUP_ACCESS_REVOKED
SECLABEL_CHECK_FAILED
ESM_TRANQUIL
ENQ_LIMIT_EXCEEDED
INVALID
INVALID_FORMAT
INVALID_FUNCTION
INVALID_PARAMETERS

USAD gate, ADD_USER_WITHOUT_PASSWORD function

The ADD_USER_WITHOUT_PASSWORD function of the USAD gate is used to add a user to the CICS region without verifying any password or oidcard.

Input parameters

USERID
is the identifier of the user (a userid of 1 through 10 alphanumeric characters) to be added to the security domain.
USERID_LENGTH
is the 8-bit length of the USERID value.
[APPLID]
is the application identifier for the CICS region.
[ENTRY_PORT_NAME]
is an optional name of an entry port, 1 through 8 alphanumeric characters, to be assigned to the userid (specified by the USERID value).
[ENTRY_PORT_TYPE]
is the type of the optional entry port to be assigned to the userid (specified by the USERID value). It can have either of these values:
TERMINAL|CONSOLE
This parameter is only valid if ENTRY_PORT_NAME is also specified.
[GROUPID]
is an optional identifier, 1 through 10 alphanumeric characters, of a RACF user group to which the userid (specified by the USERID value) is to be assigned.
[GROUPID_LENGTH]
is the 8-bit length of the GROUPID value. This parameter is only valid if GROUPID is also specified.
[SCOPE_CHECK]
indicates whether or not scope checking is to be performed for this function call. It can have either of these values:
YES|NO
SIGNON_TYPE
is the type of signon for the userid (specified by the USERID value). It can have any of these values:
ATTACH_SIGN_ON|DEFAULT_SIGN_ON|IRC_SIGN_ON|
LU61_SIGN_ON|LU62_SIGN_ON|NON_TERMINAL_SIGN_ON|
PRESET_SIGN_ON|USER_SIGN_ON|XRF_SIGN_ON
[SUSPEND]
indicates whether a wait during add user processing is acceptable. It can have either of these values:
YES|NO
[UUID]
is the unique universal ID (UUID) for the user.

Output parameters

USER_TOKEN
is the token identifying the userid in the user domain.
[SAF_RESPONSE]
is the optional 32-bit SAF response code to the call.
[SAF_REASON]
is the optional 32-bit SAF reason returned with SAF_RESPONSE.
[ESM_RESPONSE]
is the optional 32-bit ESM response code to the call.
[ESM_REASON]
is the optional 32-bit ESM reason returned with ESM_RESPONSE.
RESPONSE
is the domains response to the call. It can have any of these values:
OK|EXCEPTION|DISASTER|INVALID|KERNERROR|PURGED
[REASON]
is returned when RESPONSE is DISASTER, EXCEPTION, or INVALID. Possible values are:
RESPONSE Possible REASON values
DISASTER
DEL_TIMEOUT_ENTRY_FAILED
EXTRACT_FAILED
GETMAIN_FAILED
EXCEPTION
ALREADY_SIGNED_ON
APPLICATION_NOTAUTH
ENTRY_PORT_NOTAUTH
ESM_INACTIVE
ESM_TRANQUIL
GROUP_ACCESS_REVOKED
INVALID_GROUPID
INVALID_USERID
SECLABEL_CHECK_FAILED
SECURITY_INACTIVE
UNKNOWN_ESM_RESPONSE
USER_NOT_LOCATED
USERID_NOT_IN_GROUP
USERID_REVOKED
ENQ_LIMIT_EXCEEDED
INVALID
INVALID_FORMAT
INVALID_FUNCTION
INVALID_PARAMETERS

USAD gate, DELETE_USER function

The DELETE_USER function of the USAD gate is used to delete the user from the CICS region.

Input parameters

USER_TOKEN
is the token identifying the userid in the user domain.
SIGNOFF_TYPE
is the type of signoff for the userid identified by the SECURITY_TOKEN value. It can have any of these values:
ABNORMAL_SIGN_OFF|ATTACH_SIGN_OFF|DEFERRED_SIGN_OFF|
DELETE_SIGN_OFF|LINK_SIGN_OFF|NON_TERMINAL_SIGN_OFF|
PRESET_SIGN_OFF|UNFLATTEN_USER_SIGN_OFF|
USER_SIGN_OFF|XRF_SIGN_OFF
DELETE_IMMEDIATE
indicates whether the user should be deleted immediately. It can have one of these values:
YES|NO

Output parameters

[SAF_RESPONSE]
is the optional 32-bit SAF response code to the call.
[SAF_REASON]
is the optional 32-bit SAF reason returned with SAF_RESPONSE.
[ESM_RESPONSE]
is the optional 32-bit ESM response code to the call.
[ESM_REASON]
is the optional 32-bit ESM reason returned with ESM_RESPONSE.
RESPONSE
is the domains response to the call. It can have any of these values:
OK|EXCEPTION|DISASTER|INVALID|KERNERROR|PURGED
[REASON]
is returned when RESPONSE is DISASTER or EXCEPTION. Possible values are:
RESPONSE Possible REASON values
DISASTER
ADD_TIMEOUT_ENTRY_FAILED
FREEMAIN_FAILED
EXCEPTION
INVALID_USER_TOKEN
DEFAULT_USER_TOKEN
SECURITY_INACTIVE
ESM_TRANQUIL
ESM_INACTIVE
UNKNOWN_ESM_RESPONSE

USAD gate, INQUIRE_USER function

The INQUIRE_USER function of the USAD gate is used to inquire about the attributes of the user represented by the user token.

Input parameters

USER_TOKEN
is the token identifying the userid to the user domain.

Output parameters

[USERID]
is the identifier of the user (a userid of 1 through 10 alphanumeric characters).
[USERID_LENGTH]
is the length of the USERID value.
[USERNAME]
is an optional buffer into which the attributes of the user are placed.
[CURRENT_GROUPID]
is the identifier, 1 through 10 alphanumeric characters, of the current RACF user group to which the userid (specified by the SECURITY_TOKEN value) is assigned.
[CURRENT_GROUPID_LENGTH]
is the 8-bit length of the GROUPID value.
[NATIONAL_LANGUAGE]
is a three-character code identifying the national language for the userid. It can have any of the values in Table 120.
[OPERATOR_CLASSES]
identifies the operator classes to which the user belongs. This is a 24-bit value, with each bit determining whether or not the user is a member of that class.
[OPERATOR_IDENT]
is the operator identification code, 1 through 3 alphanumeric characters, for the userid.
[ENTRY_PORT_NAME]
is the name of the entry port assigned to the userid.
[ENTRY_PORT_TYPE]
is the type of the entry port assigned to the userid. It can have either of these values:
TERMINAL|CONSOLE
This parameter is only valid if ENTRY_PORT_NAME is also specified.
[OPERATOR_PRIORITY]
is the operator priority value, in the range 0 through 255 (where 255 is the highest priority), for the userid.
[TIMEOUT]
is the number of minutes, in the range 0 through 60, that must elapse since the user last used the terminal before CICS "times-out" the terminal.
Notes:
  1. CICS rounds values up to the nearest multiple of 5.
  2. A TIMEOUT value of 0 means that the terminal is not timed out.
[XRF_REFLECTABLE]
indicates whether or not you want CICS to sign off the userid following an XRF takeover. It can have either of these values:
YES|NO
[ACEE_PTR]
is a pointer to the access control environment element, the control block that is generated by an external user (ESM) when the user signs on. If the user is not signed on, the address of the CICS DFLTUSER's ACEEis returned. If an ACEE does not exist, CICS sets the pointer reference to the null value, X'FF000000'.
[SAF_RESPONSE]
is the optional 32-bit SAF response code to the call.
[SAF_REASON]
is the optional 32-bit SAF reason returned with SAF_RESPONSE.
[ESM_RESPONSE]
is the optional 32-bit ESM response code to the call.
[ESM_REASON]
is the optional 32-bit ESM reason returned with ESM_RESPONSE.
RESPONSE
is the domains response to the call. It can have any of these values:
OK|EXCEPTION|DISASTER|INVALID|KERNERROR|PURGED
[REASON]
is returned when RESPONSE is EXCEPTION. Possible values are:
RESPONSE Possible REASON values
EXCEPTION INVALID_USER_TOKEN

USAD gate, INQUIRE_DEFAULT_USER function

The INQUIRE_DEFAULT_USER function of the USAD gate is used to inquire about the attributes of the default user (specified on the DFLTUSER system initialization parameter).

Input parameters

None

Output parameters

[USERID]
is the identifier of the user (a userid of 1 through 10 alphanumeric characters).
[USERID_LENGTH]
is the length of the USERID value.
[USERNAME]
is an optional buffer into which the attributes of the default user are placed.
[CURRENT_GROUPID]
is the identifier, 1 through 10 alphanumeric characters, of the current RACF user group to which the userid (specified by the SECURITY_TOKEN value) is assigned.
[CURRENT_GROUPID_LENGTH]
is the 8-bit length of the GROUPID value.
[NATIONAL_LANGUAGE]
is a three-character code identifying the national language for the userid. It can have any of the values in Table 120.
[OPERATOR_CLASSES]
identifies the operator classes to which the user belongs. This is a 24-bit value, with each bit determining whether or not the user is a member of that class.
[OPERATOR_IDENT]
is the operator identification code, 1 through 3 alphanumeric characters, for the userid.
[OPERATOR_PRIORITY]
is the operator priority value, in the range 0 through 255 (where 255 is the highest priority), for the userid.
[TIMEOUT]
is the number of minutes, in the range 0 through 60, that must elapse since the user last used the terminal before CICS "times-out" the terminal.
Notes:
  1. CICS rounds values up to the nearest multiple of 5.
  2. A TIMEOUT value of 0 means that the terminal is not timed out.
[XRF_REFLECTABLE]
indicates whether or not you want CICS to sign off the userid following an XRF takeover. It can have either of these values:
YES|NO
[ACEE_PTR]
is a pointer to the access control environment element, the control block that is generated by an external user (ESM) when the default user signs on. If an ACEE does not exist, CICS sets the pointer reference to the null value, X'FF000000'.
[SAF_RESPONSE]
is the optional 32-bit SAF response code to the call.
[SAF_REASON]
is the optional 32-bit SAF reason returned with SAF_RESPONSE.
[ESM_RESPONSE]
is the optional 32-bit ESM response code to the call.
[ESM_REASON]
is the optional 32-bit ESM reason returned with ESM_RESPONSE.
RESPONSE
is the domains response to the call. It can have any of these values:
OK|EXCEPTION|DISASTER|INVALID|KERNERROR|PURGED

USAD gate, VALIDATE_USERID function

The VALIDATE_USERID function of the USAD gate is used to verify that the specified userid is a valid userid.

Input parameters

[USERID]
is the userid to be validated.
[USERID_LENGTH]
is the length of the userid to be validated.

Output parameters

RESPONSE
is the domains response to the call. It can have any of these values:
OK|EXCEPTION|DISASTER|INVALID|KERNERROR|PURGED
[REASON]
is returned when RESPONSE is EXCEPTION. Possible values are:
RESPONSE Possible REASON values
EXCEPTION
SECURITY_INACTIVE
USERID_NOT_DEFINED
USERID_NOT_DETERMINED

USFL gate, FLATTEN_USER function

The FLATTEN_USER function of the USFL gate is used to flatten the user’s security state and place into the FLATTENED_USER buffer provided.

Input parameters

USER_TOKEN
is the token identifying the userid.
FLATTENED_USER
is the buffer into which the flattened security state is placed.

Output parameters

[SAF_RESPONSE]
is the optional 32-bit SAF response code to the call.
[SAF_REASON]
is the optional 32-bit SAF reason returned with SAF_RESPONSE.
[ESM_RESPONSE]
is the optional 32-bit ESM response code to the call.
[ESM_REASON]
is the optional 32-bit ESM reason returned with ESM_RESPONSE.
RESPONSE
is the domains response to the call. It can have any of these values:
OK|EXCEPTION|DISASTER|INVALID|KERNERROR|PURGED
[REASON]
is returned when RESPONSE is DISASTER, EXCEPTION, or INVALID. Possible values are:
RESPONSE Possible REASON values
DISASTER
ABEND
LOOP
DIR_MANAGER_LOCATE_FAILED
SEC_DOM_FLATTEN_FAILED
EXCEPTION
INVALID_USER_TOKEN
SECURITY_INACTIVE
ESM_INACTIVE
ESM_TRANQUIL
UNKNOWN_ESM_RESPONSE
INVALID
INVALID_FORMAT
INVALID_FUNCTION
INVALID_FLATTENED_BUFFER

USFL gate, TAKEOVER function

The TAKEOVER function of the USFL gate is used, when an XRF takeover occurs, to obtain the SNSCOPE ENQ resources for those users who could not obtain it during tracking, because the resources were already held by the active region.

Input parameters

None.

Output parameters

RESPONSE
is the domains response to the call. It can have any of these values:
OK|EXCEPTION|DISASTER|INVALID|KERNERROR|PURGED
[REASON]
is returned when RESPONSE is DISASTER or INVALID. Possible values are:
RESPONSE Possible REASON values
DISASTER
ABEND
LOOP
INVALID
INVALID_FORMAT
INVALID_FUNCTION

USFL gate, UNFLATTEN_USER function

The UNFLATTEN_USER function of the USFL gate is used to unflatten the user security state data in the FLATTENED_USER buffer, and add the userid to the user domain.

Input parameters

FLATTENED_USER
is a buffer containing flattened security state data for a userid.

Output parameters

USER_TOKEN
is the token identifying the userid in the user domain.
RESPONSE
is the domains response to the call. It can have any of these values:
OK|EXCEPTION|DISASTER|INVALID|KERNERROR|PURGED
[REASON]
is returned when RESPONSE is DISASTER, EXCEPTION or INVALID. Possible values are:
RESPONSE Possible REASON values
DISASTER
ABEND
LOOP
DEL_TIMEOUT_ENTRY_FAILED
DIR_MANAGER_ADD_FAILED
DIR_MANAGER_DELETE_FAILED
FREEMAIN_FAILED
GETMAIN_FAILED
SEC_DOMAIN_DELETE_FAILED
SEC_DOM_UNFLATTEN_FAILED
EXCEPTION
ALREADY_SIGNED_ON
APPLICATION_NOTAUTH
ENTRY_PORT_NOTAUTH
ESM_INACTIVE
ESM_TRANQUIL
GROUP_ACCESS_REVOKED
SECLABEL_CHECK_FAILED
SECURITY_INACTIVE
UNKNOWN_ESM_RESPONSE
USERID_NOT_IN_GROUP
USERID_REVOKED
USERID_UNDEFINED
INVALID
INVALID_FLATTENED_BUFFER
INVALID_FORMAT
INVALID_FUNCTION

USIS gate, SET_USER_DOMAIN_PARMS function

At CICS startup, loads information for the user domain from the system initialization table (SIT) into the user state data.

Input parameters

DEFAULT_USERID
is the default userid, as 1 through 10 alphanumeric characters.
SIGNON_SCOPE
is the scope for which the default userid can be signed on. It can have any of these values:
NONE|CICS|MVSIMAGE|SYSPLEX
DIRECTORY_TIMEOUT_VALUE
is the intersystem refresh delay, in the range 0 through 10080 minutes (up to 7 days), for the default userid.
APPLID
is the application identifier for the CICS region.

Output parameters

RESPONSE
is the domains response to the call. It can have any of these values:
OK|DISASTER
[REASON]
is returned when RESPONSE is DISASTER. Possible values are:
RESPONSE Possible REASON values
DISASTER
ABEND
LOOP

USXM gate, ADD_TRANSACTION_USER function

The ADD_TRANSACTION_USER function of the USXM gate sets the user characteristics (as security tokens) for a transaction.

Input parameters

[PRINCIPAL_USER_TOKEN]
is the optional principal user token representing the characteristics of the principal user of the transaction.
[SESSION_USER_TOKEN]
is the optional session user token representing the characteristics of the session user of the transaction.
[EDF_USER_TOKEN]
is the optional EDF user token representing the characteristics of the EDF user of the transaction.

Output parameters

RESPONSE
is the domains response to the call. It can have any of these values:
OK|EXCEPTION|DISASTER|INVALID|KERNERROR
[REASON]
is returned when RESPONSE is DISASTER, EXCEPTION, or INVALID. Possible values are:
RESPONSE Possible REASON values
DISASTER
ABEND
LOOP
EXCEPTION
ALREADY_SIGNED_ON
DUPLICATE_USER
INVALID_USER_TOKEN
INVALID
INVALID_FORMAT
INVALID_FUNCTION

USXM gate, DELETE_TRANSACTION_USER function

The DELETE_TRANSACTION_USER function of the USXM gate deletes the user token of the specified token type for the transaction.

Input parameters

TOKEN_TYPE
is the type of user token for the transaction. It can have any of these values:
PRINCIPAL|SESSION|EDF

Output parameters

RESPONSE
is the domains response to the call. It can have any of these values:
OK|EXCEPTION|DISASTER|INVALID|KERNERROR
[REASON]
is returned when RESPONSE is DISASTER, EXCEPTION, or INVALID. Possible values are:
RESPONSE Possible REASON values
DISASTER
ABEND
LOOP
EXCEPTION NO_USER_TOKEN
INVALID
INVALID_FORMAT
INVALID_FUNCTION

USXM gate, END_TRANSACTION function

The END_TRANSACTION function of the USXM gate deletes all the user token to security token maps for the transaction.

Input parameters

None.

Output parameters

RESPONSE
is the domain's response to the call. It can have any of these values:
OK|EXCEPTION|DISASTER|INVALID|KERNERROR
[REASON]
is returned when RESPONSE is DISASTER or INVALID. Possible values are:
RESPONSE Possible REASON values
DISASTER
ABEND
FREEMAIN_FAILED
LOOP
INVALID
INVALID_FORMAT
INVALID_FUNCTION

USXM gate, FLATTEN_TRANSACTION_USER function

The FLATTEN_TRANSACTION_USER function of the USXM gate creates the contents of a FLAT_TRANSUSER buffer from the principal user of the current transaction.

Input parameters

FLAT_TRANSUSER
is the buffer to be created.

Output parameters

RESPONSE
is the domains response to the call. It can have any of these values:
OK|EXCEPTION|DISASTER|INVALID|KERNERROR|PURGED
[REASON]
is returned when RESPONSE is DISASTER or INVALID. Possible values are:
RESPONSE Possible REASON values
DISASTER
ABEND
LOOP
INVALID INVALID_FLAT_TRANSUSER

USXM gate, INIT_TRANSACTION_USER function

The INIT_TRANSACTION_USER function of the USXM gate initializes the transaction for the user characteristics identified by the PRINCIPAL_USER_TOKEN value.

Input parameters

PRINCIPAL_USER_TOKEN
is the principal user token representing the characteristics of the principal user of the transaction.
[SESSION_USER_TOKEN]
is the optional session user token representing the characteristics of the session user of the transaction.
[EDF_USER_TOKEN]
is the optional EDF user token representing the characteristics of the EDF user of the transaction.
[XMAT_CALL]
indicates whether the function is called while a transaction is being attached. It can have either of these values:
YES|NO

Output parameters

USDOM_TRANSACTION_TOKEN
is the user token to be used for reference to user characteristics only. It is treated as the principal user token until the next ADD_TRANSACTION_USER call for the transaction.
PRIORITY
is the priority value, in the range 0 through 255 (where 255 is the highest priority), for the user with the token identified by the PRINCIPAL_USER_TOKEN value.
RESPONSE
is the domains response to the call. It can have any of these values:
OK|EXCEPTION|DISASTER|INVALID|KERNERROR|PURGED
[REASON]
is returned when RESPONSE is DISASTER, EXCEPTION, or INVALID. Possible values are:
RESPONSE Possible REASON values
DISASTER
ABEND
GETMAIN_FAILED
LOOP
EXCEPTION INVALID_USER_TOKEN
INVALID
INVALID_FORMAT
INVALID_FUNCTION

USXM gate, INQUIRE_TRANSACTION_USER function

The INQUIRE_TRANSACTION_USER function of the USXM gate inquires about the user characteristics associated with the transaction identified by the USDOM_TRANSACTION_TOKEN value.

Input parameters

USDOM_TRANSACTION_TOKEN
is the user token to be used for reference to user characteristics only.

Output parameters

[USERID]
is the identifier of the user (a userid of 1 through 10 alphanumeric characters).
USERID_LENGTH
is the length of the USERID value.
[USERNAME]
is an optional buffer that contains the attributes of the user.
[CURRENT_GROUPID]
is the identifier, 1 through 10 alphanumeric characters, of the current RACF user group to which the user is assigned.
[CURRENT_GROUPID_LENGTH]
is the 8-bit length of the GROUPID value.
[NATIONAL_LANGUAGE]
is a three-character code identifying the national language for the user. It can have any of the values in Table 120.
[OPERATOR_CLASSES]
identifies the operator classes to which the user belongs. This is a 24-bit value, with each bit determining whether or not the user is a member of that class.
[OPERATOR_IDENT]
is the operator identification code, 1 through 3 alphanumeric characters, for the user.
[ENTRY_PORT_NAME]
is the name of the entry port assigned to the userid.
[ENTRY_PORT_TYPE]
is the type of the entry port assigned to the userid. It can have either of these values:
TERMINAL|CONSOLE
This parameter is only valid if ENTRY_PORT_NAME is also specified.
[APPLID]
is the application identifier for the CICS region.
[OPERATOR_PRIORITY]
is the operator priority value, in the range 0 through 255 (where 255 is the highest priority), for the user.
[TIMEOUT]
is the number of minutes, in the range 0 through 60, that must elapse since the user last used the terminal before CICS "times-out" the terminal.
Notes:
  1. CICS rounds values up to the nearest multiple of 5.
  2. A TIMEOUT value of 0 means that the terminal is not timed out.
[XRFSOFF]
indicates whether or not you want CICS to sign off the user following an XRF takeover. It can have either of these values:
YES|NO
[ACEE_PTR]
is a pointer to the access control environment element, the control block that is generated by an external user (ESM) when the user signs on. If the user is not signed on, the address of the CICS DFLTUSER's ACEEis returned. If an ACEE does not exist, CICS sets the pointer reference to the null value, X'FF000000'.
PRINCIPAL_USER_TOKEN
is the token identifying the userid in the user domain.
[SAF_RESPONSE]
is the optional 32-bit SAF response code to the call.
[SAF_REASON]
is the optional 32-bit SAF reason returned with SAF_RESPONSE.
[ESM_RESPONSE]
is the optional 32-bit ESM response code to the call.
[ESM_REASON]
is the optional 32-bit ESM reason returned with ESM_RESPONSE.
RESPONSE
is the domains response to the call. It can have any of these values:
OK|EXCEPTION|DISASTER|INVALID|KERNERROR
[REASON]
is returned when RESPONSE is DISASTER or INVALID. Possible values are:
RESPONSE Possible REASON values
DISASTER
ABEND
LOOP
INVALID
INVALID_FORMAT
INVALID_FUNCTION

USXM gate, TERM_TRANSACTION_USER function

The TERM_TRANSACTION_USER function of the USXM gate removes the state information created by an INIT_TRANSACTION_USER function.

Input parameters

USDOM_TRANSACTION_TOKEN
is the token that identifies the state data to be removed.

Output parameters

RESPONSE
is the domains response to the call. It can have any of these values:
OK|EXCEPTION|DISASTER|INVALID|KERNERROR|PURGED
[REASON]
is returned when RESPONSE is DISASTER or INVALID. Possible values are:
RESPONSE Possible REASON values
DISASTER
ABEND
FREEMAIN_FAILED
LOOP
INVALID
INVALID_FORMAT
INVALID_FUNCTION

USXM gate, UNFLATTEN_TRANSACTION_USER function

The UNFLATTEN_TRANSACTION_USER function of the USXM gate adds (by the ADD_USER_WITHOUT_PASSWORD function of the USAD gate) the user defined by the contents of the supplied FLAT_TRANSUSER buffer.

Input parameters

FLAT_TRANUSER
is the buffer containing data that defines the user to be added.
[SUSPEND]
indicates whether a wait during add user processing is acceptable. It can have either of these values:
YES|NO

Output parameters

PRINCIPAL_USER_TOKEN
is the token identifying the userid in the user domain.
[SAF_RESPONSE]
is the optional 32-bit SAF response code to the call.
[SAF_REASON]
is the optional 32-bit SAF reason returned with SAF_RESPONSE.
[ESM_RESPONSE]
is the optional 32-bit ESM response code to the call.
[ESM_REASON]
is the optional 32-bit ESM reason returned with ESM_RESPONSE.
RESPONSE
is the domains response to the call. It can have any of these values:
OK|EXCEPTION|DISASTER|INVALID|KERNERROR|PURGED
[REASON]
is returned when RESPONSE is DISASTER or EXCEPTION. Possible values are:
RESPONSE Possible REASON values
DISASTER
ABEND
LOOP
EXCEPTION
APPLICATION_NOTAUTH
ENTRY_PORT_NOTAUTH
ESM_INACTIVE
ESM_TRANQUIL
GROUP_ACCESS_REVOKED
INVALID_GROUPID
INVALID_USERID
SECLABEL_CHECK_FAILED
SECURITY_INACTIVE
UNKNOWN_ESM_RESPONSE
USER_NOT_LOCATED
USERID_NOT_IN_GROUP
USERID_REVOKED
[[ Contents Previous Page | Next Page Index ]]