What is the CA Top Secret Resource Class 'ACIDAUTH' used for?
The ACIDAUTH Resource Class is used for Cross Submit Authorization Checking. It is used to determine, if a submitting acid is authorized to submit a job using a different acid.
A security call against ACIDAUTH class is always issued, whether USER= is specified or not on JOB card.
The SAFTRACE excerpt below details the security call:
CAS21D0I TRACEID: TRACE001 EVENT#: 00302431
CAS21D0I JOBNAME: USER001 USERID: USER001 ASID: 0044
CAS21D1I PROGRAM: IKJEFF04 RB CURR: IKJEFF04 APF: YES SFR/RFR: 0/0:0
CAS2200I RACROUTE REQUEST=AUTH,REQSTOR='TSSJJINT',SUBSYS='CA-TSS',
- The TSSJJINT is designed to check, if the submitting acid is authorized to the acid being used in the batch job.
- The security check is against the ACIDAUTH resource class.
- When submitting using an acid that has the bypass attribute NOSUBCHK, the event is logged into the Audit Tracking File (ATF).
For CA top Secret r15.0 refer to Implementation:Other Interfaces Guide; chapter #1 Implementation Security for BATCH.
For CA Top Secret r16.0 go to docops.ca.com site; signon; choose your product CA Top Secret for z/OS - 16.0; click on "Implementing in CICS and other interfaces" link to have more information about BATCH implementation and USER= parameter.