Except for a prelocate call to LISTDSD or SEARCH, when the ICHCNX00
preprocessing exit routine returns control, register 15 should contain
one of the following return codes:
Hex |
(Decimal) |
Meaning |
---|
0 |
(0) |
Normal processing is to continue. |
4 |
(4) |
The request is not accepted, and is to be failed. The failure
is to be logged (if logging is in effect), and a message is to be
issued. |
8 |
(8) |
The request is not accepted, and is to be failed. The failure
is to be logged (if logging is in effect), but no message is to be
issued. Note, however, that messages can be issued through the PUTLINE
I/O service routine by using the CPPL address passed at offset 44
in the parameter list. This return code allows the exit routine to
fail the request, with the option of sending its own message without
a RACF® command message being
issued. |
C |
(12) |
Exit-routine processing is complete, and the request is granted.
No authorization processing is to be performed, but other normal
processing (such as logging) is to continue. |
If register 15 contains any other value, processing proceeds as
if the return code were 0.
Note: - The prelocate call to ICHCNX00 from LISTDSD and SEARCH allows
an installation to modify the name of the profile to be located so
that it matches the naming conventions of RACF. RACF ignores
the return code from a prelocate call. LISTDSD and SEARCH also issue
a postlocate call to ICHCNX00. Therefore, you cannot use this exit
to cancel a LISTDSD or SEARCH command until the postlocate call has
been completed.
- The data-set-type address, located at offset 36 in the parameter
list, is zero except as a result of ADDSD, RACROUTE REQUEST=DEFINE
DEFINE, and RACROUTE REQUEST=DEFINE RENAME processing. In these cases,
the exit can set the field to be used by the caller to determine whether
the data set to be created is a user data set or a group data set.
- Only return codes 0 and 4 are valid for RACROUTE REQUEST=EXTRACT.
When return codes 0 and C are issued for ADDSD, RACROUTE REQUEST=DEFINE
DEFINE, and RACROUTE REQUEST=DEFINE RENAME, the exit must supply sufficient
information to allow RACF to
determine the type of data set to be created.
When the exit return code is 0:
- If the data set type is set to X'80', a user profile
must exist to match the qualifier field (at offset 32).
- If the data set type is set to X'40', a group profile
must exist to match the qualifier field (at offset 32).
- If the data set type is set to X'01' or to any other
value, either a user or a group profile must exist.
In each of the above cases, normal authorization processing continues.
When the exit return code is C:
- If the data set type is set to X'80' or X'40',
the request is processed.
- If the data set type is set to X'01' or to any other
value, either a user or a group profile must exist, but the command
issuer need not have any other authority.