The Cross Authorization table

If the target user identifier field is non-blank, the first thing the supplied security exit TBDKUSID does is access the Cross Authorization table, TBOLXAUT. This table indicates whether a user is authorized to sign on to tablesONLINE/CICS using another user ID. This allows an application developer to sign on as an end user for testing purposes, or a group administrator to access the menus of users under his or her supervision.

When a value is entered, the exit assumes that this user ID is different from the identifier used to signon to CICS. TBOLXAUT is accessed to verify that the user who is signed on to CICS under one user ID has the authority to access tablesONLINE/CICS using another ID. If there is an entry in the Cross Authorization table indicating that the user does in fact have that authority the signon procedure continues.

If your CICS system does not use signon security, the table TBOLXAUT can be set up to translate whatever EXEC CICS ASSIGN USERID returns into an acceptable target user ID as entered when signing on to tablesONLINE. For example, if CICS returns the value ‘CICSUSER’, then an entry of CICUSER for the signon user ID and TBUS0001 for the target user ID will allow TBUS0001 to sign on to tablesONLINE.