Security requirements

All client functions that require a host communications server to perform an action (for example, download a group, upload a list, or download file records) require you to provide a host user ID and password, even if security checking is not active on the host. If security checking is active on the host for the communication server to which you are connecting, your user ID must have update authority for the CICS® region control file that you are trying to access. If you do not have the required authorization, the request fails with a security violation. Your user ID does not require any other type of authority, such as TSO or CICS.

If active, client security checking is performed by the communication server processing your request using standard z/OS® System Authorization Facility (SAF) checks. Thus you can use on the host any security manager that conforms to the standard SAF interface.