A fix is available
APAR status
Closed as program error.
Error description
When using the CICS supplied security handler, configured for STS Authentication in a Provider pipeline and expecting a specific name identity token, no message is issued if the specified token is not found in the request security header. Trace will indicate the issue in an exception trace but the problem can be caused by a mistake in the configuration of the security handler, either in the namespavce or local name supplied.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: All CICS Users. * **************************************************************** * PROBLEM DESCRIPTION: No message is issued when a CICS * * supplied security handler is used * * in a provider pipeline and an expected * * security token is not found to send to * * the STS. * **************************************************************** * RECOMMENDATION: * **************************************************************** The CICS supplied security handler was configured for STS Authentication in a Provider pipeline and expected a specific named identity token, but none was found in the security header for the request. DFHPITC (the CICS pipeline manager trust handler) issues a PI 170B exception trace entry to report the missing credentials but does not issue a message. Additional keywords: PI170B MISSING_CREDENTIALS msgDFHPI0514
Problem conclusion
DFHPITC has been altered to issue a new message, DFHPI0514, to report the missing credentials. DFHMEPIE has been altered to add the new message. The CICS Transaction Server for z/OS Version 3 Release 2 Messages and Codes manual, GC34-6827-00, has been altered to add message DFHPI0514, after message DFHPI0513, on page 758 as follows: DFHPI0514 DATE TIME APPLID TRANID The CICS pipeline manager has failed to find the required credentials in a request. An element : LOCAL_NAME , in namespace: NAMESPACE , was expected. EXPLANATION: The CICS pipeline manager trust handler, DFHPITC, failed to find the required credentials in a request, when it was expecting a specific type of identity token. This is commonly due to the expected token type not being present in the message, but may be caused by a config- uration error in the security handler. SYSTEM ACTION: A fault is created and the pipeline returns it to the requester. USER RESPONSE: Check the CICS trace and the security handler configuration to determine the cause of the error. DESTINATION: CPIO MODULE: DFHPITC XMEOUT PARAMETERS: date, time, applid, tranid, local_name, namespace
Temporary fix
FIX AVAILABLE BY PTF ONLY
Comments
APAR Information
APAR number
PK48343
Reported component name
CICSTS V3 Z/OS
Reported component ID
5655M1500
Reported release
500
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2007-07-04
Closed date
2007-08-23
Last modified date
2007-09-04
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UK28473
Modules/Macros
DESPITC DFHMEPIC DFHMEPIE DFHMEPIK DFHPITC DFHPITCA DFHPITCM DFHPITCT DFH48343
GC34682700 |
Fix information
Fixed component name
CICSTS V3 Z/OS
Fixed component ID
5655M1500
Applicable component levels
R500 PSY UK28473
UP07/08/25 P F708
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGMGV","label":"CICS Transaction Server"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.2","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.2","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
04 September 2007