A fix is available
APAR status
Closed as new function.
Error description
Internal enhancements required for support of Distributed Identities.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: All CICS users. * **************************************************************** * PROBLEM DESCRIPTION: Support for distributed identity * * propagation. * **************************************************************** * RECOMMENDATION: * **************************************************************** This PTF provides the support for z/OS identity propagation capabilities that allow security identities operating in the distributed environment to be associated with security identities used on the server (z/OS user IDs). This enables CICS applications to participate in end-to-end security solutions, and therefore benefiting from improved cross-platform accountability and auditing, providing an alternative to custom written identity mapping. This function provides support for identity contexts in the following cases: - Inbound to CICS from WebSphere Application Server through the CICS ECI resource adapter over a trusted IPIC connection - Inbound to CICS as a WS-Security header element in a Web services request. - Propagating out across IPIC and MRO connections between CICS systems in the same sysplex.
Problem conclusion
Temporary fix
FIX TOO LARGE FOR RETAIN, THE FIX MAY BE AVAILABLE IN DLL
Comments
CICS has been changed to provide the functional changes for Identity Propagation. To use the new function it will be necessary to use z/OS 1.11 and a compatible client to provide a distributed identity. The function is supplied disabled. APAR PK83741 will provide the enablement. The CICS Transaction Server for z/OS v4.1 Information Center will be updated with the following information relating to identity propagation; - New background identity propagation topics - New topics describing configuration of RACF, IPIC and Web Services for identity propagation - New DataPower scenario - Updates to terminology - Clarification of identity propagation terms in INQUIRE ASSOCIATION and INQUIRE ASSOCIATION LIST - Updates to IPCONN resource information for IDPROP attribute - Updates to Supplementary Data Areas to include identity propagation fields - New trace entries - New and updated messages and codes - New diagnosis reference gates The following manuals are also updated; RACF Security Guide (SC34-7003-00) What's New (GC24-6994-01) Web Services Guide (SC34-7020-00) Performance Guide (SC34-7033-00) Resource Definition Guide (SC34-7000-00) System Programming Reference (SC34-7024-00) Supplied Transactions (SC34-7004-00) Trace Entries (SC34-7013-00) CICS Messages and Codes (SC34-7035-00) Supplementary Data Areas (GC34-7015-00) Diagnosis Reference (GC34-7038-00) Upgrading from CICS TS Version 2.3 (GC34-6996-00) Upgrading from CICS TS Version 3.1 (GC34-6997-00) Upgrading from CICS TS Version 3.2 (GC34-6998-00) ž**** PE10/03/19 FIX IN ERROR. SEE APAR PM09787 FOR DESCRIPTION
APAR Information
APAR number
PK95579
Reported component name
CICS TS Z/OS V4
Reported component ID
5655S9700
Reported release
600
Status
CLOSED UR1
PE
NoPE
HIPER
NoHIPER
Special Attention
YesSpecatt / New Function
Submitted date
2009-09-08
Closed date
2009-12-08
Last modified date
2010-05-28
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UK52681 UK52683 UK52684 UK52686 UK52688
Modules/Macros
CHAPT027 DESAPTC DESCRR DESISAL DESISCO DESISDM DESISDUF DESISEM DESISIC DESISIS DESISLQ DESISM ***This field was truncated. To obtain the full apar record, please contact your local support center.***
| SC34700300 | GC24699401 | SC34702000 | SC34703300 | SC34700000 |
| SC34702400 | SC34700400 | SC34701300 | SC34703500 | GC34701500 |
| GC34703800 | GC34699600 | GC34699700 | GC34977800 |
Fix information
Fixed component name
CICS TS Z/OS V4
Fixed component ID
5655S9700
Applicable component levels
R60W PSY UK52683
UP09/12/18 P F912
R600 PSY UK52681
UP09/12/18 P F912
R601 PSY UK52684
UP09/12/18 P F912
R602 PSY UK52686
UP09/12/18 P F912
R603 PSY UK52688
UP09/12/18 P F912
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGMGV","label":"CICS Transaction Server"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"4.1","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"4.1","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
28 May 2010