A fix is available
APAR status
Closed as program error.
Error description
MSG DFHIS1027 occurs when the recover/resync transaction CISX flows to CICS. This indicates a security violation due to remote attach request for tran CISX does not have a userid. Hence the attach of the recover/resync transaction fails to execute.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: All CICS users. * **************************************************************** * PROBLEM DESCRIPTION: Using an IPIC connection with Userauth * * Identify causes DFHIS1027 for * * transaction CISX. * **************************************************************** * RECOMMENDATION: * **************************************************************** DFHISIS recovery/resync has a remote attach request for CISX but without a userid for Userauth Identify and without a userid and password for Userauth Verify. As authorization has been requested the security check fails with msgDFHIS1027. CISX should not require authorization.
Problem conclusion
DFHISIS has been changed to exclude CISX from security checking. DFH$CAT1 and DFHXSRC have been changed to include CISX as a category 1 transaction. A category 1 transaction is never associated with a terminal and CICS checks that the region userid has authority to attach these transactions. The CICS Transaction Server for z/OS Version 3 Release 2 RACF Security Guide SC34-6835-01 will be updated to include CISX as a category 1 transaction in table 15 page 141 as follows: Transaction Program CSD Group Security Description category CISX DFHISREX DFHISCIP 1 IPCONN recovery and resynchronization transaction for XA clients The CICS Transaction Server for z/OS Version 3 Release 2 Migration from CICS TS Version 1.3 GC34-6855-02 will be updated to add CISX in the Additions to CICS RACF category 1 transactions on page 35. The CICS Transaction Server for z/OS Version 3 Release 2 Migration from CICS TS Version 2.2 GC34-6856-02 will be updated to add CISX in the Additions to CICS RACF category 1 transactions on page 28. The CICS Transaction Server for z/OS Version 3 Release 2 Migration from CICS TS Version 2.3 GC34-6857-02 will be updated to add CISX in the Additions to CICS RACF category 1 transactions on page 27. The CICS Transaction Server for z/OS Version 3 Release 2 Migration from CICS TS Version 3.1 GC34-6858-02 will be updated to add CISX in the Additions to CICS RACF category 1 transactions on page 20. The CICS Transaction Server for z/OS Resource Definition Guide Version 3.2 SC34-6815-02 will be updated to add CISX in Appendix B CICS Transactions Supplied by IBM on page 630. Transaction Program CSD Group Security Description category CISX DFHISREX DFHISCIP 1 IPCONN recovery and resynchronization transaction for XA clients The CICS Transaction Server for z/OS CICS Supplied Transactions Version 3.2 SC34-6817-01 will be updated to add CISX in Appendix. List of CICS transactions on page 567. Transaction Program CSD Group Security Description category CISX DFHISREX DFHISCIP 1 IPCONN recovery and resynchronization transaction for XA clients
Temporary fix
FIX AVAILABLE BY PTF ONLY
Comments
APAR Information
APAR number
PK91639
Reported component name
CICSTS V3 Z/OS
Reported component ID
5655M1500
Reported release
500
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2009-07-17
Closed date
2009-10-29
Last modified date
2009-12-02
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
PK93720 UK51540
Modules/Macros
DESISIS DESXSRC DESXSUT DFH$CAT1 DFHISIS DFHXSRC
SC34683501 | GC34685502 | GC34685602 | GC34685702 | GC34685802 |
SC34681502 | SC34681701 |
Fix information
Fixed component name
CICSTS V3 Z/OS
Fixed component ID
5655M1500
Applicable component levels
R500 PSY UK51540
UP09/11/03 P F911
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGMGV","label":"CICS Transaction Server"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.2","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.2","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
02 December 2009