Access authorization for the file accessed by the request is always performed by openFT itself, regardless of whether FTAC is used. The access authorization is checked after a positive transfer admission check (see previous section). The access authorization is checked for the user named in the request's TRANSFER-ADMISSION or for the user determined by FTAC using the information in the TRANSFER-ADMISSION (in the relevant profile) or by the openFT-specific exit routine

The procedure for checking access authorization distinguishes between read access (send file) and write access (receive file). If the user does not have the appropriate access authorization, the transfer request is rejected.

A distinction must be made between the following cases:

• RACF is installed and active:

  openFT uses RACF to check the user's authorization to access the send or receive file (read or write access). The RACROUTE macro makes use of the RACF macro RACHECK with the resource class DATASET for this purpose. For technical reasons the RACROUTE macro again calls on the RACF macro RACINIT to supply the user ID specified in TRANSFER-ADMISSION, generally together with the associated user password.

• RACF is not installed or is not active:

  In this case, the user's authorization to access a file is checked only in the case of a receive file which is password-protected according to the catalog entry. The file password specified in the NCOPY command for the receive file is then checked against the relevant entry in the PASSWORD file of the system (PROTECT macro). No password check takes place for send files (which can only be read).