On Mon, 27 Jun 2022 10:20:43 -0500, Mike Cairns wrote:
>One important difference you might need to be aware of is between a normal
>RACROUTE call that executes under the authority of the current user associated
>with the running address space (a First Party call - i.e. checking your own
>curre
You don't need to concern yourself with *how* the user is (or is not) given
access to the resource. You don't need to concern yourself with which RACF
profile protects the resource either. You just pass the necessary information
about the user, the access level being requested and the resource
> One routine issues RACROUTE REQUEST=FASTAUTH, and the other issues RACROUTE
> REQUEST=AUTH.
It is relatively uncommon to need to use FASTAUTH. Be sure that you are using
it when appropriate and are aware of its restrictions.
Peter Relson
z/OS Core Technology Design
-
sed to just the current connect group.
Rex
-Original Message-
From: IBM Mainframe Discussion List On Behalf Of
esst...@juno.com
Sent: Thursday, June 23, 2022 10:53 AM
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: [EXTERNAL] How To Handle RACROUTE logic
Hello,
.
I'm not a RACF person.
.
I'
Hi,
I don't think you should do extra checking.
If the user is a member of a group and is not explicitly defined to access a
specific profile, but the group he belongs is allowed to access it, then
RACROUTE should succeed.
Best Regards
Ituriel do Nascimento Neto
z/OS System Programmer
Hello,
.
I'm not a RACF person.
.
I'm developing two routines to check a userids authority to access a resource
in a RACF Facility Class.
.
One routine issues RACROUTE REQUEST=FATSAUTH, and the other issues RACROUTE
REQUEST=AUTH.
Both requests work well when checking for an individual user.
.
T
