Granting user authorizations for EXTENDED BUFFER MANAGER
Through the security interface, you can control ISPF access to XBM for a user or a group of users. For example, you can control the ability to change information in the XBM repository and the size of the XBM cache. However, the security interface does not prohibit users from using the ISPF interface to monitor XBM.
You can control access to XBM functions through IBM RACF (version 1.9 or later) or through other security packages that are compatible with the System Authorization Facility (SAF), such as the CA Technologies CA-ACF2 or CA-Top Secret products.
XBM security does not check commands from any MVS system console, including the IBM System Display and Search Facility (SDSF). XBM security checks only commands that are entered through the XBM ISPF interface.
In addition to RACF and other SAF-compatible security packages, the XBM security interface provides two exit points for user-written security routines. For more information, see Using XBM user exits.
The security interface is optional for RACF users and CA-Top Secret users. If you do not implement security access to XBM, its functions are unsecured and available to any user with access to the XBM ISPF interface.
If you are using CA-ACF2, the security interface is not optional. By default, CA-ACF2 secures all functions. If you want an unsecured environment, you must implement XBM security and give access to all XBM users, or create an XBM user exit to bypass security checking.
This section contains the following topics: