A fix is available
APAR status
Closed as program error.
Error description
An ECI request is sent over IPIC with a USERID 7 bytes long. USD1 key is 10 bytes long, so CICS paddes the USERID with blanks. This makes a userid of length 7 with 3 blanks as a userid of length 10. This allows the length of 10 to work when the user is already in the USD1 directory, but to fail when the USERID must be added in the security domain. When DFHXSSA tries to ADD_USER_WITHOUT_PASSWORD an EXCEPTION is issued because USERID_NOT_DEFINED. This cause DFHIS1027 - Security violation has been detected using IPIC - to be issued . DFHUSAD should ignore trailing blanks in the userid.
Local fix
N/A
Problem summary
**************************************************************** * USERS AFFECTED: All CICS users. * **************************************************************** * PROBLEM DESCRIPTION: MsgDFHIS1027 "Security violation has * * been detected using IPCONN" is issued * * when using IPCONN and userid is padded * * with blanks. * **************************************************************** * RECOMMENDATION: * **************************************************************** The CICS Transaction Gateway is communicating with CICS using an IPCONN connection, and a userid with blank padding is received by CICS. If the user is not currently known to CICS then it must be added to the user domain. DFHUSAD passes the full length of the user id, inclusive of trailing blanks. When DFHXSSA tries to ADD_USER_WITHOUT_PASSWORD an EXCEPTION is issued because USERID_NOT_DEFINED. Then message DFHIS1027 is issued.
Problem conclusion
DFHUSAD has been changed to remove the trailing blanks in the userid.
Temporary fix
FIX AVAILABLE BY PTF ONLY
Comments
APAR Information
APAR number
PM82973
Reported component name
CICSTS V3 Z/OS
Reported component ID
5655M1500
Reported release
500
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2013-02-18
Closed date
2013-05-21
Last modified date
2013-06-04
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
PM84800 UK94551
Modules/Macros
DFHUSAD
Fix information
Fixed component name
CICSTS V3 Z/OS
Fixed component ID
5655M1500
Applicable component levels
R500 PSY UK94551
UP13/06/01 P F305
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGMGV","label":"CICS Transaction Server"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.2","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.2","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
04 June 2013