PH58260: RECEIVE MESSAGE - ERROR: 'INVALID USERID OR PASSWORD', WHEN ATTEMPTING TO CONNECT TO THE ADFZCC SERVER

Obtain the fix for this APAR.

APAR status

• Closed as program error.

Error description

• When attempting to connect to the Application Delivery
  Foundation for z/OS Common Components (ADFzCC) server, using
  code page IBM-1147, and the password includes special
  character '£', the following message is received:
  
  ERROR: 'INVALID USERID OR PASSWORD'
  

Local fix

• use character # in place of special character £ in the password
  

Problem summary

• ****************************************************************
  * USERS AFFECTED: Users of the ADFzCC Eclipse plugin (used by  *
  *                 the Eclipse clients for File Manager, Fault  *
  *                 Analyzer and Application Performance         *
  *                 Analyzer) who have specified a code page     *
  *                 other than CP037 or CP1047 for encoding      *
  *                 the ADFzCC connection.                       *
  ****************************************************************
  * PROBLEM DESCRIPTION: The ADFzCC connection is converting     *
  *                      userid/password credentials to CP1047   *
  *                      when sending them to the host for SAF   *
  *                      authentication, instead of using the    *
  *                      encoding code page specified on the     *
  *                      ADFzCC connection dialog.               *
  *                      So some invalid password characters     *
  *                      can be accepted by SAF security         *
  *                      managers like RACF if their hex values  *
  *                      in the client code page map to valid    *
  *                      password characters in CP1047 (or       *
  *                      CP037 as used by RACF). An example      *
  *                      is the UK pound symbol (an invalid      *
  *                      password character) which when entered  *
  *                      with codepage 1147 maps to the hash #   *
  *                      symbol (a valid password character) in  *
  *                      CP1047/CP037. The ADFzCC connection     *
  *                      should be using the specified encoding  *
  *                      code page to send login credentials to  *
  *                      the host, like terminal emulators and   *
  *                      other client applications do.           *
  ****************************************************************
  * RECOMMENDATION: Use ADFz Eclipse clients based on Aqua 3.3.4 *
  *                 or later. For File Manager and Fault         *
  *                 Analyzer, this means v15.1.4+.               *
  ****************************************************************
  The ADFzCC connection is converting userid/password credentials
  to code page CP1047 before authenticating with the host instead
  of using the specified client encoding code page like terminal
  emulators and other client applications do.
  

Problem conclusion

• This fix will ensure that userid/password credentials are sent
  to the host for SAF authentication using the encoding specified
  on the ADFzCC connection dialog. Characters will no longer be
  converted to CP1047. This change should not affect users who are
  following the rules of their SAF security manager for valid
  password characters, including the recommendation to avoid using
  national characters $, # and @ in passwords if they are using
  codepages other than cp1047 in their terminal emulator or client
  applications.
  
  If users are not following this recommendation, a
  possible side-effect of this fix is that password characters
  that were previously accepted by the SAF security manager
  because they mapped to valid password characters in CP1047 will
  now be rejected if their hex values in the encoding code page
  represent invalid password characters in CP1047/CP037 as used
  by SAF security managers on the host. For example, the national
  characters # and @ if used with client encoding CP1147 - these
  hex values map to characters in CP1047/CP037 which are not valid
  password characters, so the password will be rejected. But this
  side-effect won't happen for users following the recommendation.
  

Temporary fix

Comments

APAR Information

• APAR is sysrouted FROM one or more of the following:

• APAR is sysrouted TO one or more of the following:

  PH58261

Modules/Macros

• IPV0LVL  IPV0LVLJ IPVCMJPN IPVCONFG IPVCTRC  IPVEPRCV IPVEPSND
  IPVLANGO IPVLANGP IPVLANGX IPVLANGZ IPVMKDIR IPVPH004 IPVSRV
  IPVSRVRF IPVSRVSF IPVSRVSL
  

Fix information

• Fixed component name

  ZPDTOOLS CCOMP(

• Fixed component ID

  5655IPV00

Applicable component levels

• R190 PSY UI95934

     UP24/03/13 P F403

Fix is available

• Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.