access

access={read,update,alter}

Parameters:

access

Lists one or more tokens (separated by commas and/or spaces) that enable a form of access. Tokens are case insensitive.

The possible access types are:

read: Allows read access to files.
update: Allows write access to existing files.
alter: Allows creating new files.

Properties:

Default:: read, update, alter
Values:: Any or all of: read, update, alter

Comments:

The access security configuration option is useful as a defensive measure if an RFA listener is only intended for read-only or update access to files. Some sites might have multiple RFA listeners, where some have read-only access (to allowed paths) and are broadly available, while others have update or alter access but are more tightly restricted.

The access level specified with this option is a maximum: other security checks, such as the ESF Authorization checks against the PHYSFILE class if external security is configured, can further restrict access, but they cannot grant permission that is denied by the access configuration setting.

Note: This setting applies to native file access and dataset access. Spool access is always read-only; denying read access with this setting will prevent retrieving spooled data. This setting does not apply to COBOL File Service access, which is used by the new IDE-hosted COBOL data file editor.

Example:

The following restricts the listener to read-only access, regardless of other security rules:

[Security]
access=read