SECURITY (Security) keyword for ICF files

Use this file- and record-level keyword to include security information when your program starts a program on a remote system (see the EVOKE keyword).

Any record format that has the SECURITY keyword specified for it or implied for it by being specified at the file level must have the EVOKE keyword specified on that record format or implied for that record format by being specified at the file level. If you do not specify the EVOKE keyword, a severe error occurs and the file is not created.

The format of the keyword is: 
SECURITY(security-subfield subfield-definition[.3.])

The security-subfield parameter identifies the subfield being defined. This parameter is required. The value specified must be one of the following values:

Value Meaning
1 (Profile ID)
2 (Password)
3 (User ID)

The subfield-definition parameter must be one of the following parameters. If you enter the password as literal (character string), the characters are interpreted by the CCSID of the ICF file; otherwise, characters are interpreted by the CCSID of the current job.

*USER
Indicates that the user profile name of the user should be used as the value of the security subfield. For example, if *USER is specified for the password subfield, the user profile name is used as the password.
*NONE
Indicates that a null security value should be used.
'character-string'
You can specify up to 128 single-byte characters for a password.
field-name
The specified field contains the security information.

The length of the field can range from 1 to 10 bytes, or it may be 512 bytes. The number of characters, as interpreted by the CCSID of the current job, cannot exceed 128. Values greater than 128 should only be used if multi-byte characters are specified for the password. The default length of the field is 10 bytes.

This parameter is not valid if you specify the SECURITY keyword at the file level.

&field-name
The specified field contains the security information.

The length of the field can range from 1 to 10 bytes, or it may be 512 bytes. The number of characters, as interpreted by the CCSID of the current job, cannot exceed 128. Values greater than 128 should only be used if multi-byte characters are specified for the password. The default length of the field is 10 bytes.

This parameter is not valid if you specify the SECURITY keyword at the file level.

You cannot specify SECURITY with the TIMER keyword.

Option indicators are valid for this keyword.

Example

The following example shows how to specify the SECURITY keyword.

|...+....1....+....2....+....3....+....4....+....5....+....6....+....7....+....8
00010A  01                                  SECURITY(2 'JONES' 3 'WHITE')
00020A
00030A
00040A
00050A
00060A          R RCD1
00070A  03                                  SECURITY(2 'JONES' 3 *USER)
00080A                                      EVOKE(LIB2/PGM2)
00090A
00100A          R RCD2
00110A                                      EVOKE(LIB3/PGM3)
00120A
00130A            FIELD1         5A
00140A
00150A          R RCD3
00160A  60                                  SECURITY(2 &CLVAR1 3 &CLVAR2);
00170A                                      EVOKE(LIB4/PGM4)
00180A            CLVAR1        10A
00190A            CLVAR2        10A
     A

SECURITY specified at the file level applies to all formats and if selected (indicator 01 is on), the password of JONES and user ID of WHITE are sent to the remote system.

For RCD1, if indicator 03 is set on, the user profile name of the current user is used as the user ID and is sent with the password JONES as security information to the remote system.

For RCD2, no security information is sent to the remote system.

For RCD3, if indicator 60 is set on, the value contained in CLVAR1 is used as the password, the value in CLVAR2 is used as the user ID, and both are sent as security information to the remote system.

Parent topic: DDS keyword entries for ICF files (positions 45 through 80)