While some have suggested creating your own class, there is an off-the-shelf class suitable for XDC's use: XFACILIT.
- Maximum resource length is 246 - Default return code is 8 (everything is denied if the resource is not defined) This is just as suitable as creating your own class name, and possible preferable if there are going to be a small number of resources. Just my 2¢.. Hayim Hayim Sokolsky (he/him/his) Director, Software Engineering Rocket Software, USA E: [email protected] W:RocketSoftware.com -----Original Message----- From: IBM Mainframe Discussion List <[email protected]> On Behalf Of David Cole Sent: Sunday, November 12, 2023 05:40 To: [email protected] Subject: RACF, the FACILITY class, and z/XDC EXTERNAL EMAIL I've got a problem. Decades ago, I made some assumptions about RACF's FACILITY class that have turned out to be wrong. Currently, I'm working on implementing a new security rule for z/XDC, and the individual rules ("entities") can be up to 59 characters long. Decades ago, when I was porting z/XDC's security rules from ACF2 to RACF, I made the decision to piggy-back my security rules into RACF's FACILITY class. I didn't know much about RACF then (and I still don't), and it did not occur to me that rule length would be an issue. I was wrong. It is an issue. Yesterday, I was testing with an instance of the new rule that was 44 characters long. Boom! My "RACROUTE REQUEST=AUTH" (racheck) call failed with "ICH409I 282-054 ABEND DURING RACHECK PROCESSING". This basically means that the entity I passed (my 44-character rule) was too long for its class (FACILITY). Ouch! So now I have several questions that I'm hoping someone here can provide answers to. * What is the longest entity the FACILITY class will accept? * Where do I find that specific fact doc'd? * Is there a command that will display that information? * Is there a catch-all class that z/XDC can use for its rules other than FACILITY? * Where do other vendors put their rules? Asking for a friend [:-J] Dave Cole ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN ================================ Rocket Software, Inc. and subsidiaries ■ 77 Fourth Avenue, Waltham MA 02451 ■ Main Office Toll Free Number: +1 855.577.4323 Contact Customer Support: https://my.rocketsoftware.com/RocketCommunity/RCEmailSupport Unsubscribe from Marketing Messages/Manage Your Subscription Preferences - http://www.rocketsoftware.com/manage-your-email-preferences Privacy Policy - http://www.rocketsoftware.com/company/legal/privacy-policy ================================ This communication and any attachments may contain confidential information of Rocket Software, Inc. All unauthorized use, disclosure or distribution is prohibited. If you are not the intended recipient, please notify Rocket Software immediately and destroy all copies of this communication. Thank you. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
