Start of change

Security call parameters

The following table lists the parameters in the communication area for a security call exit.

For more information about each parameter, see the comments in member CCVX0008 of the sample library SCCVSAMP.

Not all of the parameters are present on every call. The contents of the parameter list depend on the type of security check, such as whether the security check is for access to an API command or a CICS® resource definition, and the API command.

Table 1. User exit parameters: security call
Parameter Additional information
Object type The object type involved in the security check.
Object group The resource definition group (or ResGroup, for a context-based resource definition).

Applies only to security checks for access to CICS resource definitions.

Object name  
Approval profile  
Migration scheme  
Approver role  
CICS configuration  
API command The API command name abbreviated to three characters, as used in the security key. For details, see Security keys for API commands.
Call type
Internal
Special case for changing the SAF class.
Functional
Security check for access to an API command.
Object
Security check for access to a CICS resource definition.
Location name In cases where there is a source and a target location, this is the source location name.
Location type In cases where there is a source and a target location, this is the source location type.
Output location name Refers to the target location, if applicable.
Output location type Refers to the target location, if applicable.
SAF class The SAF class that CICS Configuration Manager uses for security checks for API commands. For an API command that changes the SAF class, this is the old SAF class.
New SAF class Applies to API commands that change which SAF class CICS Configuration Manager uses for security checks for API commands.
SAF prefix The security key prefix that CICS Configuration Manager uses for security checks for API commands.
Object SAF class The SAF class that CICS Configuration Manager uses for security checks for objects (resource definitions).
Object SAF prefix The security key prefix that CICS Configuration Manager uses for security checks for objects (resource definitions).
Invoke point Whether the user exit was called before or after the security check.
Authority Whether the user has the authority to perform the requested action.
Process option Allows the "before" security call exit to determine subsequent security processing.
End of change