IBM SC33-1686-02 Server User Manual


 
CESN—sign on
Non-3270 family terminal
A user can also sign on by providing all the user information
along with the transaction id, as follows:
| ─ ─CESN USERID=uuuuuuuu ─CESN ───────────────
| ─ ─USERID=uuuuuuuu ─┬ ─────────────────── ─────
└┘─,GROUPID=gggggggg
─ ─┬ ─────────────── ─┬ ────────────── ────────
└┘─,LANGUAGE=lll └┘─,PS=pppppppp
─ ─┬ ───────────────── ─
└┘─,NEWPS=password
Note:
1
Do not use blanks between parameters in the
comma-separated list.
This style of input can be used on video display terminals,
but is especially useful for sequential terminals and devices
not belonging to the IBM 3270 family of terminals.
Command options
GROUPID=gggggggg
| is your group userid (up to 8 characters). If this
| parameter is specified, it may be propagated to remote
| systems along with the userid (refer to the section on
| 'Implementing LU6.2 Security / Information about remote
| users' in the
CICS RACF Security Guide
).
LANGUAGE=lll
enables you to choose a national language (from those
that are available at your installation) for terminal
directed messages. “lll”, the national language identifier,
is a standard, three-character IBM code. If the language
identifier is omitted, CICS examines the following in this
order:
1. Language specified for the user in the signon table
2. Language specified in the installed terminal
definition for the terminal at which the signon occurs
3. Language specified on the NATLANG system
initialization parameter.
If you enter a code other than the range of IBM codes,
you get the following message:
DFHCE3537 Language is invalid. Please retype.
NEWPS=password
“password” is your new password (up to 8 characters). A
‘password’ value that consist entirely of space characters
will not be interpreted as a password update request.
The user will not be prompted for verification.
PS=pppppppp
is your password (up to 8 characters). If the password is
required but omitted, then RACF will report a security
violation via message ICH408I before CICS prompts for
the password.
USERID=uuuuuuuu
is your user ID (up to 8 characters).
Signing off with CESN
When a user starts the CESN transaction, CICS verifies
userids and password by calling RACF. If the terminal user
sign-on is valid, the CICS user domain keeps track of the
signed-on user. Thereafter, CICS uses the information about
the user when calling RACF to make authorization checks. If
a user was signed on before the call to RACF, this signed-on
user is signed off by CICS whether the returns from RACF
are valid or invalid.
If users enter the CESN transaction when they are already
signed on, the transaction may or may not sign them off. For
example, a user is not signed off by entering CESN, and
then pressing F3 when the signon panel is displayed.
In CICS Transaction Server for OS/390, CESN signs off any
signed-on user only when a new signon attempt is made. A
signed-on user is signed off when a userid is entered on the
signon panel and the ENTER key is pressed. Alternatively,
the signed-on user is signed off if the CESN transaction
identifier is entered with operands (for example
USERID=userid), and the ENTER key is pressed.
Unsuccessful sign-on and sign-off errors cause DFHCEnnnn
messages to be issued.
RACF OIDCARD users can use CESN to sign on if the card
reader supports the DFHOPID attention identifier (AID). If it
does not, you will need to write your own sign-on program
using the EXEC CICS SIGNON command. For programming
information see the
CICS Application Programming
Reference
.
218 CICS Supplied Transactions