If you are using the EXCI protocol on CICS® Transaction Gateway for z/OS®,
there are a number of settings and security checks in place to validate your
user ID and password.
- The user ID and password coded on the ECI request object can be validated
in the CICS Transaction Gateway through RACF® for every EXCI
call. This is controlled through the setting of the AUTH_USERID_PASSWORD environment
variable. See the CICS Transaction Gateway: z/OS Administration,
for more information.
- The ECI user ID will then be subject to EXCI surrogate security checks,
before it can be flowed on the EXCI request; for more details, see the CICS External Interfaces
Guide. Note that any password supplied on an ECI request is not flowed
on to CICS from
the CICS Transaction Gateway for z/OS.
- The flowed user ID is subject to CICS authorization
checks, for more details, see theCICS Transaction Server for z/OS RACF Security Guide.
See also Configuring CICS Transaction Gateway for use with RACF, in the CICS Transaction Gateway: z/OS Administration.