IBM SC33-1683-02 Server User Manual


  Open as PDF
of 875
 
How ESM exit programs access CICS-related information
When CICS invokes the ESM, it passes information about the current CICS
environment, for use by an ESM exit program, in an installation data parameter
list. How your exit programs access the installation data parameter list depends on
whether or not your ESM is RACF.
For non-RACF users the ESM parameter list
CICS (or another caller) passes information to your external security manager in the
ESM parameter list, the address of which can be calculated using field SAFPRACP
of the MVS router parameter list.
When the caller is CICS, the “INSTLN” field of the ESM parameter list points to the
installation data parameter list, which contains CICS-related information that can be
used by ESM exit programs.
The format of the ESM parameter list, and the actual name of the “INSTLN” field,
vary, depending on which CICS security event is being processed. (The “request
type” field (SAFPREQT) of the router parameter list shows why the ESM is being
called by indicating the RACROUTE REQUEST type.) Table 36 shows how some
formats of the ESM parameter list can be mapped using MVS macros.
Table 36. Mapping the ESM parameter list
RACROUTE REQUEST
type
Parameter list mapping macro INSTLN field name
VERIFY IRRPRIPL INITIPTR (X'10')
AUTH ICHACHKL ACHKIN31 (X'20')
FASTAUTH Not available Offset X'18'
LIST Not available Offset X'0C'
EXTRACT Not available None
Note: The INSTLN field points to the installation parameter list only if you specify
INSTLN on the ESMEXITS system initialization parameter. The default value
of this parameter is NOINSTLN, which means that no installation data is
passed.
For RACF users the RACF user exit parameter list
If you are a RACF user, you can find the address of the installation data parameter
list directly from the RACF user exit parameter list. The name of the relevant field in
the user exit parameter list varies according to the RACROUTE REQUEST type
and the RACF user exit that is invoked. The relationships between REQUEST type,
exit name, and field name are shown in Table 37 on page 725.
ESM exit programs
724
CICS TS for OS/390: CICS Customization Guide
 previous next