What is the CA Top Secret ACIDAUTH Resource Class for?

Document ID : KB000053105
Last Modified Date : 14/02/2018
Show Technical Document Details

Introduction:

What is the CA Top Secret Resource Class 'ACIDAUTH' used for?

Instructions:

The ACIDAUTH Resource Class is used for Cross Submit Authorization Checking. It is used to determine, if a submitting acid is authorized to submit a job using a different acid.

A security call against ACIDAUTH class is always issued, whether USER= is specified or not on JOB card.

The SAFTRACE excerpt below details the security call:

CAS21D0I TRACEID: TRACE001 EVENT#:  00302431
CAS21D0I JOBNAME: USER001  USERID:  USER001  ASID: 0044
CAS21D1I PROGRAM: IKJEFF04 RB CURR: IKJEFF04 APF:  YES  SFR/RFR: 0/0:0
CAS2200I RACROUTE REQUEST=AUTH,REQSTOR='TSSJJINT',SUBSYS='CA-TSS',
CAS2200I          CLASS='ACIDAUTH',RELEASE=1.9,STATUS=NONE,ACEE=,
CAS2200I          ATTR=READ,DSTYPE=N,DECOUPL=YES,
CAS2200I          ENTITY=('USER001...............................'),
CAS2200I          FILESEQ=0,GENERIC=ASIS,LOG=ASIS,MSGSP=0,TAPELBL=STD,
CAS2200I          WORKA=
  • The TSSJJINT is designed to check, if the submitting acid is authorized to the acid being used in the batch job.

  • The security check is against the ACIDAUTH resource class.

  • When submitting using an acid that has the bypass attribute NOSUBCHK, the event is logged into the Audit Tracking File (ATF).

 

Additional Information: 

 

For CA top Secret r15.0 refer to Implementation:Other Interfaces Guide; chapter #1 Implementation Security for BATCH. 

For CA Top Secret r16.0 go to docops.ca.com site; signon; choose your product CA Top Secret for z/OS - 16.0; click on "Implementing in CICS and other interfaces" link to have more information about BATCH implementation and USER= parameter.