Technical detail
CICS APPLICATION CONNECTIVITY
A range of new functions meets customer demand for a more mature Web services implementation, including support for new standards, and enables the use of a consistent IP network infrastructure for CICS-to-CICS connectivity.
Support for WSDL 2.0:
CICS TS V3.2 introduces support for the latest level of the Web Services Description Language (WSDL), WSDL 2.0, which is currently being finalized by the World Wide Web Consortium (W3C). WSDL 2.0 ensures that CICS will interoperate with modern tools, infrastructure and service components in the SOA environment.
WSDL 2.0 has clarified the role of WSDL and made it much simpler. In particular, it defines that role as describing resources rather than defining service compositions. The W3C Working Group determined that service composition was better dealt with by choreography and/or orchestration. Another change has been the elimination of the message construct. Operation definitions now refer to XML Schema element declarations instead. There has been further clarification of message exchange patterns: the definition of the pattern now indicates the order of the messages in addition to the source and destination. These, together with other changes, make WSDL 2.0 a more usable service description language than WSDL 1.1.
WSDL 2.0 presents a component model for describing resources, rather than the data actually being exchanged. As such, users will need to migrate to WSDL 2.0 tooling to generate implementation code. The CICS Web Services Assistant has been enhanced to support both WSDL 1.1 and 2.0.
Web services support for MTOM and XOP:
Support is introduced in CICS TS V3.2 for the SOAP Message Transmission Optimization Mechanism (MTOM) and XML-binary Optimized Packaging (XOP) specifications from the W3C. Together these specifications, often referred to as MTOM/XOP, optimize the transmission of binary information, such as photographs or scanned signatures, within SOAP messages.
The MTOM specification defines a method for optimizing SOAP messages by separating out binary data and sending it in separate binary attachments using a Multipurpose Internet Mail Extensions (MIME) Multipart/Related message. This type of MIME message is called an MTOM message. It significantly reduces the size of the SOAP message, which optimizes transmission efficiency and greatly reduces message parsing time. The XOP specification defines an implementation for optimizing SOAP messages that use MTOM.
CICS TS V3.2 supports these specifications in both Web service requester and provider pipelines.
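The packaging described above, as an added example (not CICS or IBM code): the Python below parses a constructed MTOM message, resolves each xop:Include to the attachment with the matching Content-ID, and rejects references that are not cid: URIs or that point at no attachment. The message, the example.test identifiers and the scan/signature element names are constructed for illustration.

```python
import base64
import email
import xml.etree.ElementTree as ET
from urllib.parse import unquote

XOP_INCLUDE = "{http://www.w3.org/2004/08/xop/include}Include"

# Constructed sample: the <signature> bytes travel as a MIME attachment.
# (base64 transfer encoding keeps the sample printable; "binary" is usual on the wire.)
SAMPLE = (
    'MIME-Version: 1.0\r\n'
    'Content-Type: multipart/related; boundary="b1"; type="application/xop+xml";'
    ' start="<root@example.test>"; start-info="text/xml"\r\n\r\n'
    '--b1\r\n'
    'Content-Type: application/xop+xml; charset=UTF-8; type="text/xml"\r\n'
    'Content-ID: <root@example.test>\r\n\r\n'
    '<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body>'
    '<scan><signature><xop:Include xmlns:xop="http://www.w3.org/2004/08/xop/include"'
    ' href="cid:sig@example.test"/></signature></scan></soap:Body></soap:Envelope>\r\n'
    '--b1\r\n'
    'Content-Type: application/octet-stream\r\n'
    'Content-Transfer-Encoding: base64\r\n'
    'Content-ID: <sig@example.test>\r\n\r\n'
    'iVBORw0KGgo=\r\n'
    '--b1--\r\n'
)

def reassemble(raw):
    """Return the SOAP envelope with every xop:Include replaced by base64 text."""
    msg = email.message_from_string(raw)
    if not (msg.is_multipart() and msg.get_content_type() == "multipart/related"
            and msg.get_param("type") == "application/xop+xml"):
        raise ValueError("not an MTOM package")
    bodies = msg.get_payload()
    start = msg.get_param("start")
    # The root part is named by "start"; without it, the first part is the root.
    root = next((p for p in bodies if p["Content-ID"] == start), None) if start else bodies[0]
    if root is None or root.get_content_type() != "application/xop+xml":
        raise ValueError("root part missing or not application/xop+xml")
    attachments = {p["Content-ID"].strip("<>"): p for p in bodies if p is not root and p["Content-ID"]}
    envelope = ET.fromstring(root.get_payload(decode=True))
    for parent in list(envelope.iter()):
        for inc in [c for c in parent if c.tag == XOP_INCLUDE]:
            href = inc.get("href", "")
            # Only resolve references into this package; never fetch an external URI.
            if not href.startswith("cid:"):
                raise ValueError("xop:Include href is not a cid: reference: " + href)
            part = attachments.get(unquote(href[4:]))
            if part is None:
                raise ValueError("xop:Include points at a missing attachment: " + href)
            parent.remove(inc)
            parent.text = base64.b64encode(part.get_payload(decode=True)).decode("ascii")
    return envelope
```

For messages from untrusted senders, parse the root part with an XML parser that has DTD and entity processing disabled, and cap attachment sizes before decoding.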
Support for WS-I Basic Profile 1.1 and Simple SOAP Binding Profile 1.0:
The Web Services Interoperability Organization (WS-I) promoted the Basic Profile (BP) 1.1 and Simple SOAP Binding Profile (SSBP) 1.0 specifications to final material in 2004, and has published an updated set of compliance guidelines to help with adherence to Web services standards. CICS TS V3.2 is compliant with these guidelines, providing enhanced interoperation in an SOA environment. This compliance also applies to CICS TS V3.1.
Support for the WS-Trust specification in WS-Security:
CICS TS V3.2 provides support for the WS-Trust February 2005 specification.
In larger enterprises or in collaboration between enterprises, it can be cumbersome for Web service providers to build a chain of direct trust to all possible clients. In addition, the Web service requester may not support the same security mechanisms as the Web service provider. For example, the requester may only support Kerberos and the provider X.509 certificates. Unless the Web service requester and provider are in the same security domain, the security tokens must be vouched for by a third party who is trusted by both the requester and provider. In the WS-Security model, this trusted third party is a Security Token Service (STS).
The WS-Trust specification provides a standard way to address these interoperability and management issues by using an STS. An STS can exchange or issue security tokens to requesters of a Web service or validate security tokens for the Web service itself. WS-Trust defines the SOAP protocols for interacting with an STS.
CICS support for WS-Trust includes the following functions:
Provides standard protocols and standard interfaces (in WSDL) for communication with an STS
Supports CICS as requester interacting with STS (push model)
Supports CICS as provider interacting with STS (pull model)
Supports Tivoli Federated Identity Manager (TFIM) as the STS authentication broker
Supports a user-defined list of trusted STSs
IP interconnectivity for DPL:
As part of a multi-release initiative, CICS TS V3.2 introduces a new TCP/IP-based intercommunication protocol as an alternative to that provided via ISC or MRO, allowing Distributed Program Link (DPL) requests to be routed between CICS TS V3.2 regions over a TCP/IP network. This IP Interconnectivity for DPL function offers similar capabilities to those provided using ISC or MRO intercommunication protocols, including transactional syncpointing, security controls, and support for the exchange of either COMMAREAs or channels and containers. In addition, CICS offers SSL encryption and authentication support for this IP interconnectivity protocol.
Customers will be able to continue to use their existing connection definitions to route work within the sysplex using MRO and between systems using ISC over SNA. For DPL workloads they will be able to replace their existing SNA-based ISC intercommunication with IP interconnectivity, providing for network simplification, and the exploitation of System z networking enhancements including gigabit OSA-Express, and the HiperSockets facility provided by IBM Communications Server. MRO, ISC, and IP Interconnectivity networks and definitions will be able to coexist, and a migration utility is provided to assist in migrating CICS CONNECTION resources to the new IPCONN definitions that will be required.
Enhanced TCP/IP management and control:
As new capabilities are introduced for IP interconnectivity, CICS TS V3.2 also introduces management and control facilities that allow work passing in and out of regions over a TCP/IP network to be monitored and managed. Work arriving into a CICSPlex now has point-of-entry information recorded with it. Users are then permitted to customize and extend this data to allow each request to be uniquely identified for tracking purposes. They can also extract information relating to a request at the point of entry and store this for off-line analysis. In addition, CICS and the TCP/IP stack now also exchange information whenever CICS acquires a socket, such that the relationship between the stack and a CICS region is recorded, making it easier to track the progress of work items between these products.
The management and control facilities provide a consistent view of work passing between CICS regions and as such enable the use of CICSPlex SM, or of other equivalent tools, to:
View the TCP/IP network across the CICSPlex
View TCP/IP connections from clients connected over the following transports: SOAP over HTTP, HTTP, or IIOP
Monitor TCP/IP network resources being used by a CICS region
View the work passing in and out of a CICS region over TCP/IP
Identify bottlenecks or blockages in the system
Reconfigure the regions for improved throughput
Locate tasks that have stalled, and then permit them to be forced to complete or roll back
Monitoring data, containing point of origin information, can also be collected and stored so that it can be examined off-line at a later time, enabling, for example, the diagnosis of connectivity and other problems, or capacity planning work. CICSPlex SM offers new interfaces to analyze this information.
Updates for CICS Web Support:
Improvements are made to the CICS support for HTTP transport infrastructure. Additional functions include improvements to security for CICS Web Support. Where CICS is acting as a server, basic authentication, client certificate authentication and resource level security are provided for delivery of static content using URIMAP definitions. As a client, samples are provided showing how to manage basic authentication passwords using LDAP and TFIM. A range of enhancements improves usability, including support for containers on Web APIs. This allows Web API commands in converter programs, and conversion options on all Web API commands. The document API now has UTF-8 support, a new DELETE verb, and allows newcopy and caching of document templates.
Also introduced is the extension of the Web API commands to use containers. Changes are made to the container API (introduced in CICS TS V3.1) to allow character string code pages on commands as an alternative to coded character set identifier (CCSID) code pages. This means that the user application does not have to switch between code page formats when working with the container and Web API.
Further enhancements are provided to improve serviceability and maintainability. The new capability for writing Web recovery code in the Web error program User Replaceable Modules (URM) allows:
The issuing of EXEC CICS Web commands
The processing of errors encountered during delivery of static content (URIMAP)
The processing of errors encountered when the application is acting as an HTTP client
