Skip to Content
Information
Space announcement This documentation space provides the same content as before, but the organization of the content has changed. The content is now organized based on logical branches instead of legacy book titles. We hope that the new structure will help you quickly find the content that you need.

Milestone 6: Configure Workbench Integration

Related topic

Installation-and-Configuration-Guide

This section will guide you through the tasks necessary to integrate Code Debug CICS with Workbench for Eclipse.

If your site

Success

Tip

Workbench for Eclipse can integrate with other Eclipse environments when installed via P2 repository. It is highly recommended to use this configuration when supporting applications featuring Java interoperability as it allows Eclipse to seamlessly transition between debugging perspectives.

Warning

Important

If you need to implement Workbench for Eclipse Integration within a CPSM CICSPlex environment, see “Workbench for Eclipse in a CPSM CICSPlex Environment” inWorkbench for Eclipse the Code Debug CICS Advanced Configuration Guide.

The roles involved in these milestones are the following:

  • CICS System Programmer
  • z/OS Security Administrator
  • Network Administrator
  • Workbench for Eclipse Installer. 

Complete the following tasks to configure Workbench for Eclipse integration.

Task 6.1 Ensure IP CICS Sockets are Defined

The CICS System Programmer role is involved in this task.

Code Debug CICS makes use of IP CICS Sockets for integrating with Workbench for Eclipse. If you do not currently have IP CICS Sockets defined in your CICS regions, follow the installations steps outlined in the IP CICS Sockets Guide supplied with IBM’s z/OS Communication Server.

Warning

Important

Workbench for Eclipse’s integration with Code Debug CICS requires TCP/IP v4.

Task 6.2 Verify IP CICS Sockets Listener Program and Transaction Definitions

The CICS System Programmer role is involved in this task.

XSKL is the default transaction code for the IP CICS sockets listener. If XSKL is not already defined, a sample is in SMXDSAMP member CSDXDTRN. Code Debug CICS requires use of the default CICS sockets listener, EZACIC02, delivered with the z/OS Communications Server. If you have customized this program, see to the Code Debug CICS Advanced Configuration Guide for considerations.

Transaction XSKL will run under the following security (If you choose another transaction code, make note of it for later use in Task 6.5 - Define Listener to IP CICS Sockets):

  • If invoked from the PLTPI, it will run under the CICS PLT user ID (if the listener is started in the CICS PLT) or the ID of the user that invoked the EZAO transaction (if the listener is started using the EZAO transaction).
  • If invoked from a terminal, it will run under the terminal user.
  • Or in all cases, it can run under the default user ID specified in the USERID parameter in the IP CICS EZACICD definition.

  • As previously mentioned in External Security Considerations, the user ID associated with transaction XSKL must be permitted to start a CICS transaction as a surrogate for the Workbench for Eclipse user (for example: read access to *.DFHSTART in CLASS SURROGAT).

    Warning

    Important

    If you wish to limit access to Code Debug CICS by use of Workbench for Eclipse, you should instead secure transaction code XPGD as described in the following Task 6.3 - Define Transaction Code for Limiting Access to Code Debug CICS Using Workbench for Eclipse.

Task 6.3 Verify Transaction Definition for Controlling Access from Workbench for Eclipse

The roles involved in these milestones are the following:

  • CICS System Programmer
  • z/OS Security Administrator

XPGD is the default transaction code for controlling access to Code Debug CICS from Workbench for Eclipse. If XPGD is not already defined, a sample is in SMXDSAMP member CSDXDTRN.

  • If your site has CICS SIT parameter XPCT=YES:
    • If you do not want to limit access, make sure you do not secure this transaction.
    • If your site wants to limit access to Code Debug CICS debugging facilities through the use of Code Debug Eclipse, you may do so by limiting access to transaction XPGD as follows:
      • Define any users you want to allow access by adding user profiles in the ACICSPCT class. Any users added should have READ access.
      • A QUERY SECURITY RESTYPE(TRANSACTION) will be performed for this transaction, and any user with READ access will be allowed to continue. If a user does not have READ access, they will not be allowed to continue, and message MXDSK0026E Access Denied, uuuuuuuu Is Not Authorized To Use

        {{display reference="Mainframe.DevX.BMC-AMI-DevX-Code-Debug-for-CICS.bcxcics1702._SvIncludeLibrary._SvIncludePlusContent-_XpediterCICS_short-1.WebHome"/}}         API (where uuuuuuuu is the user ID) will be displayed in the message log.
    • If your site has CICS SIT parameter XPCT=NO:
      • If you do not want to limit access, make sure transaction XPGD is not secured. This can be done by setting parameter RESSEC(NO) on the XPGD transaction definition (the default shipped with the product).
      • If your site wants to limit access to Code Debug CICS debugging facilities through the use of Code Debug Eclipse, you may do so by limiting access to transaction XPGD as follows:
        • Set parameter RESSEC(YES) on the XPGD transaction definition.
        • Define any users you want to allow access by adding user profiles in the ACICSPCT class. Any users added should have READ access.
        • A QUERY SECURITY RESTYPE(TRANSACTION) will be performed for this transaction, and any user with READ access will be allowed to continue. If a user does not have READ access, they will not be allowed to continue, and message MXDSK0026E Access Denied, uuuuuuuu Is Not Authorized To Use

          {{display reference="Mainframe.DevX.BMC-AMI-DevX-Code-Debug-for-CICS.bcxcics1702._SvIncludeLibrary._SvIncludePlusContent-_XpediterCICS_short-1.WebHome"/}}           API (where uuuuuuuu is the user ID) will be displayed in the message log.

Task 6.4 Define Code Debug CICS Sockets Security Exit

The CICS System Programmer role is involved in this task.

Code Debug CICS provides a sockets security exit, XDPCICSE, which allows users of Workbench for Eclipse to be authenticated. When establishing a debugging session fromWorkbench for Eclipse, a user must provide their mainframe user ID and password.

If you wish to ensure user ID/password authentication and logon, you must specify the parameter SECEXIT=XDPCICSE in the IP CICS Sockets Listener definition in the next section. If you do not require a user to log on to CICS, leave this parameter blank. This will cause the default CICS user ID to be assigned to the task under which the Workbench for Eclipse session runs.

If program XDPCICSE is not already defined, a sample is in SMXDSAMP member CSDXDPRG.

Task 6.5 Define Listener to IP CICS Sockets

The roles involved in these milestones are the following:

  • CICS System Programmer
  • Network Administrator.

This step provides the definition required to enable the Workbench for Eclipse components to connect and communicate properly with the Code Debug CICS Sockets-Based Debugging API. Many of the parameters listed in Figure Definitions for Enabling Listener to IP CICS Sockets - Upper must be specified exactly as shown. Modifying them in any way can result in the unavailability of the Code Debug CICS Sockets-Based Debugging API and complicate problem determination. If you are unsure of any parameter, code it as shown in the following example figure.

Execute the EZAC transaction and define the listener using the EZAC DEFine and ALTer commands.

Warning

Important

If you are sharing a configuration data set among several regions, make sure you create identical definitions for all regions you want Workbench for Eclipse users to be able to connect with. Each definition would require you to modify the APPLID and PORT parameters at a minimum. If you decided above to modify the CICS RDO definition for the XSKL or XSOC transactions, or if you need to create unique definitions by region, you must modify the TRANID and CSTRANid parameters as well. Highlighted parameter values listed in Figure Definitions for Enabling Listener to IP CICS Sockets - Upper must be coded as shown.

XSOC is the default transaction code for the Code Debug CICS sockets interface. If XSOC is not already defined, a sample is in SMXDSAMP member CSDXDTRN.

Transaction XSOC will run under the following security:

  • If the listener is started from the PLTPI, XSOC will run under the CICS PLT user ID. If the listener is started using the EZAO transaction, XSOC will run under the ID of the user that invoked the EZAO transaction.
  • If the XSKL IP CICS socket definition (EZACICD) specifies a default user ID, that user ID will be used.

The USEREXIT parameter can be used if you want to ensure that the user attempting to use Code Debug Eclipse can be authenticated. If you want to require authentication, the program XDPCICSE must be specified. If a user cannot be authenticated, access to Code Debug CICS debugging facilities through Code Debug Eclipse will be prohibited.

The HELP LISTENER command can be used to display and validate the listener definition.

Definitions for Enabling Listener to IP CICS Sockets - Upper 

 EZAC,DEFine,LISTENER (enhanced listener.  screen 1 of 2)     APPLID = ACMEC123

Overtype to Enter

APPLID       ===> ACMEC123             APPLID of CICS System
TRANID       ===> XSKL                 Transaction Name of Listener
PORT         ===> nnnnn                Port Number of Listener
AF           ===> INET                 Listener Address Family
IMMEDIATE    ===> YES                  Immediate Startup Yes|No
BACKLOG      ===> 020                  Backlog Value for Listener
NUMSOCK      ===> 050                  Number of Sockets in Listener
ACCTIME      ===> 060                  Timeout Value for ACCEPT
GIVTIME      ===> 060                  Timeout Value for GIVESOCKET
REATIME      ===> 300                  Timeout Value for READ
RTYTIME      ===> 015                  Stack Connection Retry Time
LAPPLD       ===> NO                   Register Application Data


Verify parameters, press PF8 to go to screen 2

PF 3 END 8 NEXT 12 CNC

Definitions for Enabling Listener to IP CICS Sockets - Lower

 EZAC,DEFine,LISTENER (enhanced listener.  screen 2 of 2)     APPLID = ACMEC123

Overtype to Enter

CSTRANid     ===> XSOC                 Child Server Transaction Name
CSSTTYPe     ===> KC                   Startup Method (KC|IC|TD)
CSDELAY      ===> 000000               Delay Interval (hhmmss)
MSGLENgth    ===> 061                  Message Length (0-999)
PEEKDATa     ===> NO                   Enter Y|N
MSGFORMat    ===> EBCDIC               Enter ASCII|EBCDIC
USEREXIT     ===> XDPCICSE             Name of User/Security exit
GETTID       ===> NO                   Get AT-TLS ID  (YES|NO)
USERID       ===> aaaaaaaa             Listener User ID


Verify parameters, press PF7 to go to screen 1

PF 3 END 8 NEXT 12 CNCL

Task 6.6 Update the HCI Parameter File for CICS Debugging

The roles involved in these milestones are the following:

  • CICS System Programmer
  • Network Administrator.
     

CICS_ENV block parms: Edit the TP Configuration section in the HCI Parameter File for CICS. The CICS_ENV block parameters identify the CICS regions you wish to participate in debugging sessions using Workbench for Eclipse. For more information on CICS_ENV block parameters within the HCI Parameter File, see “CICS_ENV block parms:” in the Enterprise Common Components Configuring Guide.

Specifically:

  • CSTRAN in EZAC must match CICS_ENV SOCK in the HCI Parameter File
  • PORT in EZAC must match CICS_ENV PORT in the HCI Parameter File.

Task 6.7 Enable Code Debug CICS Sockets-Based Debugging

The CICS System Programmer role is involved in this task.

To activate the changes, you have made with the EZAC transaction and in the HCI Parameter File, perform the following:

  • Activate the new listeners using the EZAO transaction. This is not necessary, however, if you have stopped and started IP CICS Sockets.
  • Refresh the HCI parameter member you updated in Task 6.6 Update the HCI Parameter File for CICS Debugging.
  • To implement the changes in the HCI, stop and restart the HCI.

Task 6.8 Validate the Workbench for Eclipse Integration

The Workbench for Eclipse Installer role is involved in this task.

Validation of the Workbench for Eclipse integration requires that Workbench for Eclipse be installed with the Code Debug Eclipse feature. For details on installing Workbench for Eclipse and/or validating Code Debug CICS integration with Workbench for Eclipse, see the Workbench for Eclipse Installation Guide.

The HELP LISTENER and HELP HCI commands can be used to assist in validating and troubleshooting the connection between Code Debug CICS and Workbench for Eclipse.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*

BMC AMI DevX Code Debug for CICS 17.02