Users of TN3270 clients are generally required to know the user ID and password for the application they want to access. Users may forget their IDs and passwords or they may write down their IDs and password creating a security risk. A solution for this problem is the Express Logon Feature (ELF), which allows a TN3270 client with a x.509 certificate to log on to an SNA application without entering an ID or password. The client's certificate must be associated with a valid user ID in RACF. When the client connects, the TN3270 server uses RACF Secured Sign on services to obtain a user ID and PassTicket, which the server passes on to the SNA application to complete the logon.