A fix is available
APAR status
Closed as program error.
Error description
An ECI request is sent over IPIC with a USERID 7 bytes long. USD1 key is 10 bytes long, so CICS paddes the USERID with blanks. This makes a userid of length 7 with 3 blanks as a userid of length 10. This allows the length of 10 to work when the user is already in the USD1 directory, but to fail when the USERID must be added in the security domain. When DFHXSSA tries to ADD_USER_WITHOUT_PASSWORD an EXCEPTION is issued because USERID_NOT_DEFINED. This cause DFHIS1027 - Security violation has been detected using IPIC - to be issued . DFHUSAD should ignore trailing blanks in the userid.
Local fix
N/A
Problem summary
**************************************************************** * USERS AFFECTED: All CICS users. * **************************************************************** * PROBLEM DESCRIPTION: MsgDFHIS1027 "Security violation has * * been detected using IPCONN" is issued * * when using IPCONN and userid is padded * * with blanks. * **************************************************************** * RECOMMENDATION: * **************************************************************** The CICS Transaction Gateway is communicating with CICS using an IPCONN connection, and a userid with blank padding is received by CICS. If the user is not currently known to CICS then it must be added to the user domain. DFHUSAD passes the full length of the user id, inclusive of trailing blanks. When DFHXSSA tries to ADD_USER_WITHOUT_PASSWORD an EXCEPTION is issued because USERID_NOT_DEFINED. Then message DFHIS1027 is issued.
Problem conclusion
DFHUSAD has been changed to remove the trailing blanks in the userid.
Temporary fix
FIX AVAILABLE BY PTF ONLY
Comments
APAR Information
APAR number
PM85553
Reported component name
CICS TS Z/OS V5
Reported component ID
5655Y0400
Reported release
800
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2013-03-26
Closed date
2013-05-21
Last modified date
2015-03-04
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UK94605
Modules/Macros
DFHUSAD
Fix information
Fixed component name
CICS TS Z/OS V5
Fixed component ID
5655Y0400
Applicable component levels
R800 PSY UK94605
UP13/06/01 P F305
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Line of Business":{"code":"LOB35","label":"Mainframe SW"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGMGV","label":"CICS Transaction Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.1"}]
Document Information
Modified date:
10 September 2020