You install the security exits by installing the load module that contains the exit into an APF authorized library. ICSF uses this normal search order to locate the exit:

• Job pack area
• Steplib (if one exists)
• Link pack area (LPA)
• Link list (SYS1.LINKLIB concatenation)

Use the EXIT keyword in the installation options data set to define the ICSF name and load module name. For information about the installation options data set, see Parameters in the installation options data set. The EXIT keyword has this syntax:

• EXIT ( ICSF name, load module name, FAIL (options) )

The ICSF name portion of the keyword refers to the ICSF identifier for each exit, CSFESECI, CSFESECT, CSFESECS, and CSFESECK. The load module name is the name of the load module that contains the exit. The name can be any valid name your installation chooses. The action that the FAIL portion of the EXIT keyword specifies depends on the type of security exit.

For the security initialization and termination exits, the FAIL portion specifies the action ICSF takes if the exit cannot be loaded. The valid FAIL options mean:

NONE

Continue initialization even if exits cannot be loaded.

SERVICE

Continue initialization even if exits cannot be loaded.

EXIT

Continue initialization even if exits cannot be loaded.

ICSF

End ICSF if exits cannot be loaded.

You must specify a FAIL option. If you do not, ICSF returns an error message, ends abnormally, and generates an SVC dump when attempting to load the exit.

If the security initialization exit ends abnormally, ICSF ends. If the security termination exit ends abnormally, ICSF continues to end.

For the security service and key exits, the FAIL portion specifies the action ICSF takes if the exit cannot be loaded or ends abnormally. When the service or key exit is loaded, the valid FAIL options mean:

NONE

Continue initialization even if exits cannot be loaded.

SERVICE

Continue initialization even if exits cannot be loaded.

EXIT

Continue initialization even if exits cannot be loaded.

ICSF

End ICSF if exits cannot be loaded.

You must specify a FAIL option. If you do not, ICSF returns an error message, ends abnormally, and generates an SVC dump when attempting to load the exit.

When the security service exit ends abnormally, the valid FAIL options mean:

NONE

Process subsequent calls to the service as if no abnormal ending occurred. Call the exit for each call of a service.

SERVICE

Fail on subsequent calls to the particular service.

EXIT

Do not call the exit again. Bypass the exit on subsequent calls to any IBM service.

ICSF

End ICSF.

If the security service exit ends abnormally, ICSF ends the service call before performing the service.

When the security key exit ends abnormally, the valid FAIL options mean:

NONE

Process subsequent attempts to access the in-storage CKDS as if no abnormal ending occurred. Call the exit for each access attempt.

SERVICE

Fail on subsequent attempts to access the CKDS.

EXIT

Do not call the exit again. Bypass the exit on subsequent accesses of the CKDS.

ICSF

End ICSF.

If the security key exit ends abnormally, ICSF ends the attempt to access the CKDS before performing the access.