You can use different resource classes for the two types of CICS® Configuration Manager security check (API commands and resource definitions), or use the same class for both. XFACILIT is a commonly used IBM-supplied resource class that is suitable for both types of security check.
If you decide to use a resource class other than XFACILIT, you need to consider the following requirements:
If you specify the FACILITY class for CICS Configuration Manager security checking for resource definition keys, the security key prefix must not exceed 3 characters.
If an API command refers to resource definitions, the security key for the API command includes the location of the resource definitions as specified by the API command. API command requests from the supplied CICS Configuration Manager ISPF dialog and batch client interfaces exclusively use CICS configuration names, never CSD file names, to specify the location of resource definitions.
If you develop a custom client interface, you can create API command requests that specify a CSD file name as the location of resource definitions. Security keys that include a CSD file name (up to 44 characters) can be longer than security keys that include a CICS configuration name (up to 8 characters). In this case, you need to choose or create a resource class that supports longer keys: up to 75 characters, if you limit the security prefix to 3 characters. You can also configure an optional security exit that is invoked before and after each SAF call. See the skeleton exit supplied in the CCVX0001 member of the sample library SCCVSAMP.
CDTINFO(FIRST(ALPHA,NATIONAL,NUMERIC,SPECIAL),
OTHER(ALPHA,NATIONAL,NUMERIC,SPECIAL)
…)
The IBM-supplied resource classes XFACILIT and FACILITY allow special characters.
Instead of using XFACILIT or FACILITY, both of which might be used by other products, you might choose to define a resource class specifically for CICS Configuration Manager. For details, see the members named CCVXSAFx in the sample library SCCVSAMP. For example, to define a suitable resource class in a RACF® environment, see sample member CCVXSAF1.