IBM Security Z Security

Security for Z


Question regarding pass ticket generation and application authorization: z/OS and RACF

  • 1.  Question regarding pass ticket generation and application authorization: z/OS and RACF

    Posted Tue August 08, 2023 01:37 PM

    Ok, so if the APPL= parameter is specified on a RACROUTE REQUEST=VERIFY call, the value of APPL= is used both to determine the user's authorization to log in at all (if a resource with the same name as APPL= exists in resource class APPL).  If "something else" wants to generate a pass ticket for that user for that application, then there must be a resource in the PTKTDATA class that has the same name.

    However, "what if" the application in question does not provide a value for APPL= on the RACROUTE REQUEST=VERIFY call?  (APPL= is, after all, an optional parameter), then:

    • Is it even possible for another process to obtain a pass ticket for the application, since there is no name provided on the call for use in locating the PTKTDATA resource?
    • In cases where the RACROUTE REQUEST=VERIFY call did not provide APPL=, is there a 'default' value taken from some other attribute (jobname/STC name perhaps) that can be used to look up a PTKTDATA resource for generating a pass ticket?
    • What if the application in question does not provide APPL= on the VERIFY call, but instead checks access on a subsequent RACROUTE REQUEST=AUTH call for a resource in the APPL class?  Is it even possible for "some other process" to obtain a pass ticket for such an application that separates the VERIFY (ACEE creation) call from the authorization call, and if so, how is the applicable PTKTDATA resource located?

    TIA,



    ------------------------------
    J Robert Garrett
    ------------------------------


  • 2.  RE: Question regarding pass ticket generation and application authorization: z/OS and RACF

    Posted Wed August 09, 2023 04:20 AM
    Edited by Rob van Hoboken Wed August 09, 2023 07:48 AM

    For starters you could read Determining PTKTDATA profile names and check the description for batch jobs to see how applications without an APPL parameter are covered.

    ------------------------------
    Rob van Hoboken
    ------------------------------



  • 3.  RE: Question regarding pass ticket generation and application authorization: z/OS and RACF

    Posted Sat August 12, 2023 12:33 PM

    Exactly and precisely the information I was looking for.

     

    Thanks Rob,

     

    (also Rob)