Transaction protection

As described before only the users with an authorization set  that matches the protection level requested by a transaction definition, may execute the it.

The protection level is number varying from1 to 64, and it is simply an unique identifier. This means that there is no relationship between a level and its predecessors or successors and therefore level N has no more or less rights that N-1 or N-2.

Each transaction is defined in the XCICS/TS configuration file with the "define transaction" directive and it is provided with a protection level, like in this example:

define transaction code=TAB1, program=TAB1PGM, twa=512, protection=3;
define transaction code=TAB2, program=TAB2PGM, twa=512, protection=3;
define transaction code=LOGO, program=LOGOPGM, twa=512, protection=25;
define transaction code=TYYY, program=TYYYPGM, twa=512, protection=8;

This means that only those users with an authorization set including level 3 can execute the transaction TAB1 and TAB2,  only those users with an authorization set including level 25 can execute the transaction LOGO and only users with authorization set including level 8 can execute TYYY.

The users are defined with the "define user" directive and, by means of the "auth" attribute, an authorization set is bind to them:

define user name=GUEST, auth="1,25";
define user name=OPERATOR, auth="1-3,25";
define user name=EMPLOYEE, auth="8-12";
define user name=MASTER, auth="1-64";

In this example XCICS/TS will allow the execution of: