The user exit program must be called dfhuesm. We provide a sample program and a copy book that defines the parameters passed between MSS and the exit program. We also provide a shared object (.so) file for both 32- and 64-bit platforms. These files are located in:
File | Location |
---|---|
dfhuesm.cbl | $COBDIR$COBDIR\cpylib |
dfhcbesm.cpy | $COBDIR/cpylib |
dfhuesm.so | $COBDIR/lib |
dfhuesm64.so | $COBDIR/lib |
When the QUERY SECURITY command is issued, the input parameters are set using the information supplied by your application. The parameters are as follows:
Field | Value |
---|---|
esm-version-no | Indicates the version of the parameter blocks. Micro Focus will increment this value if it issues an updated interface. |
esm-user-id | The ID for the current user. If the user has not signed on, this field contains binary zeroes. |
esm-opid | The operator ID associated with the user as defined in the sign-on table. If the user has not signed on, this field contains binary zeroes. |
esm-opclass | The operator class associated with the user. This field contains character zeroes, unless the user has not signed on, in which case it contains binary zeroes. |
esm-arg-01-flag | Unused. |
esm-arg-02-flag | A value of 1 indicates that the application has used the RESTYPE keyword; the field esm-restype contains a valid resource type. |
esm-arg-03-flag | A value of 1 indicates that the application has used the RESID keyword. This is mandatory, so this field is always set to 1. See the field esm-resid. |
esm-arg-04-flag | A value of 1 indicates that the application has used the RESIDLENGTH keyword. See the field esm-residlength. |
esm-arg-05-flag | A value of 1 indicates that the application has used the READ keyword. See the field esm-read. |
esm-arg-06-flag | A value of 1 indicates that the application has used the UPDATE keyword. See the field esm-update. |
esm-arg-07-flag | A value of 1 indicates that the application has used the RESCLASS keyword; the field esm-resclass contains a resource class. |
esm-arg-08-flag | A value of 1 indicates that the application has used the ALTER keyword. See the field esm-alter. |
esm-arg-09-flag | A value of 1 indicates that the application has used the CONTROL keyword. See the field esm-control. |
esm-arg-10-flag | A value of 1 indicates that the application has used the LOGMESSAGE or the LOG keyword. See the field esm-logmessage. |
esm-arg-11-flag | Unused. |
esm-arg-12-flag | Unused. |
esm-arg-13-flag | Unused. |
esm-arg-14-flag | Unused. |
esm-arg-15-flag | Unused. |
esm-arg-16-flag | Unused. |
esm-restype | If specified, this field contains one of the following values:
|
esm-resclass | If specified, this field contains the name of a resource class. |
esm-residlength | If specified, this field contains the number of significant characters in the field esm-resid. |
esm-resid | This field contains the ID of a resource, the user's access to which the application needs to query. It may either be a CICS resource ID of up to 12 characters or a user-defined resource ID of up to 240 characters. |
esm-logmessage | If specified, this field notifies the user exit program as to whether security violations are to be logged or not. On the mainframe, this field is used to tell CICS to log security violations. It is provided for compatibility with the mainframe; however, security violations are not logged. |
The user exit program sets the output parameters, which are as follows:
Field | Value |
---|---|
esm-eibresp | This field contains either zero to indicate that the QUERY SECURITY call is valid, or a non-zero value to indicate otherwise. This value is returned to the application program in the EIBRESP field. It is the responsibility of the user exit program to ensure that a correct value is placed here. It should be necessary to return only the NOTFND or QIDERR condition, but you are not restricted in doing so. |
esm-eibresp2 | If your exit program returns a non-zero value in the field esm-eibresp, it must return a non-zero value in this field. The only values that your exit program needs to return are 1, 3, 5 or 8 for the NOTFND condition, or 1 for the QIDERR condition. This value is returned to the application in the EIBRESP2 field. |
esm-eibrcode | If your exit returns a non-zero value in the field esm-eibresp, then it must place a hexadecimal value in this field. This value is returned to the application program in the EIBRCODE field. |
esm-alter | If the application has requested the ALTER status for the named resource (field esm-arg-08-flag set), then the exit program must return a CVDA value of either ALTERABLE or NOTALTERABLE in this field. |
esm-control | If the application has requested the CONTROL status for the named resource (field esm-arg-09-flag set), then the exit program must return a CVDA value of either CTRLABLE or NOTCTRLABLE in this field. |
esm-read | If the application has requested the READ status for the named resource (field esm-arg-05-flag set), then the exit program must return a CVDA value of either READABLE or NOTREADABLE in this field. |
esm-update | If the application has requested the UPDATE status for the named resource (field esm-arg-06-flag set), then the exit program must return a CVDA value of either UPDATABLE or NOTUPDATABLE in this field. |