The table below defines the name of each default resource class used in Enterprise Server for CICS security, its meaning, the type of resource entities it contains, and the minimum permission that a user requires on the entities.
The CICS class names can be configured using environment variables (see Environment Variables for CICS Resource Classes). CICS will only use the first 7 characters of the value specified in the environment variable, it will then prefix the value with 1 character depending on the request.
|
CICS Class name |
CICS corresponding |
Entities |
ACCESS LEVEL |
|
ACICSPCT |
CICS Program control table |
Started Transactions |
READ |
|
CCICSCMD |
Used by CICS/ESA 3.1, or later, to verify that a user is permitted to use CICS system programmer commands such as INQUIRE, SET, PERFORM, and COLLECT |
CICS Command Functions |
See resource and cross reference table |
|
DATASET |
Dataset Names or Physical Filename used by CICS at startup |
Files |
READ or UPDATE |
|
DCICSDCT |
CICS Transient data queues |
Transient Data Destination |
UPDATE |
|
FCICSFCT |
CICS File control table |
Files |
READ or UPDATE |
|
JCICSJCT |
CICS Journal control table |
Journal Number |
READ or UPDATE |
|
MCICSPPT |
CICS Processing program table (LINK/XCTL) |
Programs |
READ |
|
PCICSPSB |
CICS Program specification blocks (PSBs) |
Program Status Block |
N/A |
|
SCICSTST |
CICS temporary storage queues |
Temporary Storage Queues |
READ or UPDATE |
|
TCICSTRN |
CICS Transactions |
Transactions |
READ |
|
SURROGAT |
Class for CICS SURROGATE users (EXEC CICS START USERID). |
Users |
READ |
In previous releases, security was not enforced for TS or TD queues that were not declared in the security repository. Now, by default, you must declare each TS or TD that your transactions will access. To revert to the previous behavior, use the ES_OLD_SEC_TSTD environment variable.