A4 Security Violation Error

asadullah · New User Joined: 28 Jul 2005 Posts: 9

When the program issues a CHNG call to another transaction, the IOPCB.SIGNON value contains the user who has last logged in the IMS region. As this user is from a different group, the call ends with A4 security violation. Giving access to the user id for the transaction is out of question is he/she is from a different group and uses the IMS region regularly.

Is there a way to override IOPCB.SIGNON value so that the security violation can be avoided?

Sandy Zimmer · Posted: Thu Jul 10, 2008 8:36 pm

I would never-ever hard code anything to override security. So, the answer is NO.

asadullah · New User Joined: 28 Jul 2005 Posts: 9

so given the scenario is there a solution to avoid this Security violation error.

Sandy Zimmer · Posted: Wed Jul 16, 2008 3:50 pm

Do you have a IMS systems programmer available to help?

dick scherrer · Posted: Wed Jul 16, 2008 9:22 pm

Hello,

asadullah · New User Joined: 28 Jul 2005 Posts: 9

I understand your point. But doing so will not be correct logically because the problem has two aspects to it.

->We have a set of users who use IMS region who use it to send some messages, and while they use the region to send the messages. Inadvertently or by pure co-incidence one of my application job issues a CHNG call to another transaction code purely for my application purpose.

->Now because the job is automated the SIGNON value in the Transaction does not have any value. Hence the system automatically picks up the user id of person who last used IMS region(I really do not have an explanation for this argument, but the system behaves like that), and when it picks up any of the users who are outside the transaction authorization group is throws an A4 error. Obviously giving access to users for a transaction which they are not at all aware of does not make any sense businesswise as it has to be approved by project managers.

Hence I would like to know if there is any way of overriding IMS SIGNON value before the CHNG call is issued. Because any way the CHNG call is issued by a job which is a part of the application.

I have checked many references for an answer but so far only in vain:)

asadullah · New User Joined: 28 Jul 2005 Posts: 9

Also there is hardly any help from the IMS systems programmers so far.

Sandy Zimmer · Posted: Thu Jul 17, 2008 4:25 pm

Think about REUS - re-entrant. Many users can be using the same copy of the program executing in a region.

Are you including signon info when you pass your message? The IMS systems programmers group assign the regions where specific transactions execute.

asadullah · New User Joined: 28 Jul 2005 Posts: 9

Sorry for the delayed response..was on vacatoin:)

When the messages are sent the SIGNON field has the user id as value. When my program reads the tran the SIGNON field in the tran is spaces as the tran is automatically initiated at a particular time. So IMS somehow assigns the userid to the SIGNON field in the TRAN and hence it abends with A4.

Sandy Zimmer · Posted: Tue Jul 29, 2008 5:47 pm

So, when the message comes into your program it has the correct user id - correct? Or, is it spaces when it comes into your program? Does your transaction come in from any type of menu? I am trying to determine at what point your signon field is corrupted. You cannot assume that your back and forth working storage area belongs to you. If your program is executing in a region with others using the same transaction, you need to be sure that you initialize every time you come in - move input message fields to output message area fields, etc.