IBM Mainframe Forum

Hi,
I am new to REXX programining.My query is i need to give edit access to a specific file for specific user id's. I am planning to accept their useid's thru TSO teminal( When ever the user enter with there credentials in TSO at that time only he can edit the file). In REXX how to accept the user id?
Thank you.

speak to Your security support group

Hello,

You do not do this. The security admins can tell you how to modify access to the dataset(s).

None of this should be in the REXX code.

It is not clear what you mean here:

When ever the user enter with their credentials in TSO at that time only he can edit the file

Perhaps it works differently somewhere else, but my experience is that you cannot logon and use TSO without already providing your password. You have already proved who you are. Why would you need more 'credentials'?

Pedro: I think bandigurunath is proposing that he validates the userid by obtaining the user's password. bandigurunath: in theory this can be done by an authorized Assembler program, but it is not going to happen in Rexx. Period. Full stop. End of story.

Hello,

The users will provide their id and pswd to log in.

Permission will have to be granted to allow them to edit. This should be done with your security admins.

I guess, you have list of ID's who has authority to edit that particular dataset. And in you rexx code, you have to get logged user-id and compare with your existing list and proceed with edit dataset..

If I guessed correctly, you need built-in-function, which will give current logged in user id.

But as mentioned earlier by others, these edit authority should be in the hand of security admin.

Hello,

built-in-function, which will give current logged in user id.

No, this should NOT be done . . .

The permissions need to be enforced in security, NOT the code.

1. the user has already verified the credentials by providing userid and password to log in.
2. the administrator should issue PERMIT commands to grant permission prior to the user needing access.
3. RACF will manage the list of users authorized to edit a data set.
4. When someone tries to edit a data set, at that time the system determines whether he is not allowed to edit or not and if so, "at that time only he can edit the file"

That is the way the system is supposed to work, without any user written code.

If you are the one to manage the list of authorized users, contact the security administrator to make sure you have RACF CONTROL authority over the data set. You need to be able to issue PERMIT and LISTDSD commands.