Addressing OLTP Solutions with CICS: The Transaction Server ... - Ibm
Addressing OLTP Solutions with CICS: The Transaction Server ... - Ibm
Addressing OLTP Solutions with CICS: The Transaction Server ... - Ibm
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
66 <strong>CICS</strong> for AIX as the <strong>Transaction</strong> <strong>Server</strong><br />
throughput, we recommend that you not run the cicsteld processes on the<br />
same machine as the <strong>CICS</strong> for AIX region. <strong>The</strong> 3270 Telnet client consumes<br />
much of the processor time on the client machine, so using a fast client<br />
machine would improve the response time of the <strong>CICS</strong> transaction.<br />
<strong>The</strong> 3270 Telnet client program, not cicsteld, provides the 3270 emulation.<br />
You must ensure that the 3270 Telnet client program used provides the level<br />
of data stream support, particularly the attributes settable by <strong>CICS</strong> basic<br />
mapping support (BMS), required by your <strong>CICS</strong> transactions.<br />
<strong>The</strong> cicsteld command authenticates to DCE <strong>with</strong> a DCE principal and<br />
password from a keytab file when it is started up. <strong>The</strong> subsequent DCE RPC<br />
call by the cicsteld is considered as an authenticated request when a 3270<br />
Telnet client requests cicsteld to connect to the <strong>CICS</strong> for AIX region. <strong>The</strong><br />
3270 Telnet client is not asked to provide a password. <strong>The</strong> significance of<br />
this is that access to <strong>CICS</strong> transactions and resources on your <strong>CICS</strong> for AIX<br />
region is granted to any Telnet client user who is aware of the port that<br />
cicsteld is listening on. <strong>The</strong>re is a possible security exposure for your<br />
transactions and resources if you choose an inappropriate DCE principal.<br />
Our recommendations for creating a secure environment when using cicsteld<br />
are:<br />
− Restrict execution access to the cicsteld program to a controlled set of<br />
users<br />
− Set up cicsteld to run <strong>with</strong> the DCE principal associated <strong>with</strong> the <strong>CICS</strong> for<br />
AIX region′s default userid that is the default for unauthenicated users<br />
− Encourage Telnet clients to sign on to <strong>CICS</strong> by ensuring that cicsteld<br />
invokes the CESN transaction as the first transaction.<br />
For planning purposes, the storage requirements of the cicsteld process are<br />
close to that of the cicsterm process. An instance of cicsteld must be started<br />
for every connection between a 3270 Telnet client and a <strong>CICS</strong> for AIX region.<br />
<strong>The</strong>refore the number of running cicsteld processes reflects the number of<br />
connections from the 3270 Telnet clients. <strong>The</strong> increased level of<br />
authentication degrades performance.<br />
4.5.5.2 Autoinstall User Exit<br />
<strong>The</strong> CHAT transaction is responsible for performing an autoinstall of the WD for<br />
the <strong>CICS</strong> Client for AIX, generating a terminal identifier based on the first two<br />
characters of the client system. If you have your own version of the autoinstall<br />
user exit in effect and the naming convention of the client system is to maintain<br />
the same first two characters for all client systems, you may have to review its<br />
logic to prevent possible duplication of terminal identifiers.<br />
4.5.5.3 3270 Keyboard Mapping<br />
<strong>The</strong> keyboard mapping for 3270 emulator operation is defined in a keyboard<br />
mapping file. <strong>CICS</strong> for AIX provides a number of keymap files <strong>with</strong> a prefix name<br />
of 3270keys in the usr/lpp/cics/etc directory for a variety of terminals such as<br />
3151, hft, vt100, vt200, xterm, and sun-cmd. You may want to use the 3270 key<br />
mappings provided <strong>with</strong> <strong>CICS</strong> instead of the defaults provided <strong>with</strong> the AIX<br />
operating system. In this case, you have to link or copy the target keymap file to<br />
the appropriate directory to make it effective. Alternatively you could make your<br />
own copy of the keymap file. It is important to have the correct 3270 keyboard<br />
mapping in place for each <strong>CICS</strong> end user. Otherwise user frustration due to the<br />
wrong mapping of keys negates the benefits of using <strong>CICS</strong> Client for AIX