You can find the JCL used to assemble and link the SYBTPSEC configuration module in OSC150.CICS.JCL(IxTPSEC).
This table lists the macro fields, their defaults, and their meanings:
SECURITY |
Security verification: Y – The user ID and password are verified when a language request or RPC is started. For gatewayless connections, the connection does occur, but a security error can occur when the first request is processed. Invalid user IDs are then rejected. H (default) – The user ID and password are verified immediately when a gatewayless connection is established. There is no difference between SEC=Y and SEC=H when you are running transactions from a gateway. When running gatewayless, SEC=Y emulates a gateway transaction by not returning any security errors until the client executes a language request or RPC. The setting SEC=H returns all user ID and password errors at connect time and drops the connection, as do ASE servers. However, there are rare instances in which the interaction of RACF and CICS prevents a user ID or password error from being returned to a gatewayless client when SEC=Y is used. When this occurs, the gatewayless handler transaction SYSH ends abnormally without closing the socket. Therefore, Sybase suggests that you use SEC=H setting. U – No password verification is performed. CICS assumes that the incoming user ID is correct and has the authority to run. For this setting, CICS versions prior to CICS/TS 3.1 cannot detect if a user ID is revoked. T – Use CICS Terminal Security. This setting results in additional transaction processing that may reduce the listener efficiency. N – No user ID and password verification occurs. |
GWTRAN |
The handler transaction called for gateway connections. Default is SYGH. |
GWLTRAN |
The handler called for gatewayless transactions. Default is SYSH. |
TERMON |
The sign-on transaction used for terminal security. Default is SYSO. |
TERMOFF |
The sign off transaction used for terminal security. Default is SYSF. |
PING |
The transaction used for SYBPING. Default is SYPG. |
PWTRAN |
The transaction ID used by the SYBPEM (password change) RPC. Default is SYPM. |
If you require different listeners to have different parameters, you must assemble and link the SYBTPSEC macro under different configuration module names. When configuring a listener, you set the value of the SECEXIT parameter to a specific configuration module name. You also must add an RDO program definition (by copying that of SYBTPSEC) for each new name used.