A fix is available
APAR status
Closed as program error.
Error description
You apply one of the following PTFs to your CPSM environment: . Release PTF APAR 4.1 UI40460 PI66813 4.2 UI40461 PI66813 5.1 UI40462 PI66814 5.2 UI40463 PI66814 5.3 UI40464 PI66792 . Afterward, you find security checks being made for the wrong resource names. For example, you retrieve definitions for transactions. That should generate a check against resource BAS.DEF.xxxxx but instead it generates one for BAS.TRAN.xxxxxx. This may result in RACF violations against the new resource names. . The BAS.TRAN.xxxxx or BAS.FILE.xxxxx type resource names, with a resource type in the second node, is only supposed to be used for installing the resources, not viewing them. The BAS.DEF.xxxxxx resource name is what CPSM should be checking when they are viewed. . Additional Symptom(s) Search Keyword(s): KIXREVSVR
Local fix
Temporarily permit RACF access.
Problem summary
**************************************************************** * USERS AFFECTED: All CICSPlex SM V5R4M0 Users * **************************************************************** * PROBLEM DESCRIPTION: You might not be able to retrieve the * * following resource definitions through * * WUI, CPSM Explorer or CPSM GET API, due * * to security check failure: * * * * ATOMDEF MAPDEF * * BUNDDEF MQCONDEF * * CONNDEF PARTDEF * * DB2CDEF PIPEDEF * * DB2EDEF PROCDEF * * DB2TDEF PROFDEF * * DOCDEF PROGDEF * * EJCODEF PRTNDEF * * EJDJDEF RQMDEF * * ENQMDEF SESDEF * * FENODDEF TCPDEF * * FEPOODEF TDQDEF * * FEPRODEF TERMDEF * * FETRGDEF TRANDEF * * FILEDEF TRNCLDEF * * IPCONDEF TSMDEF * * JRNMDEF TYPTMDEF * * JVMSVDEF URIMPDEF * * LIBDEF WEBSVDEF * * LSRDEF MQMONDEF * **************************************************************** * RECOMMENDATION: After applying the PTF that resolves this * * APAR, all CMASes must be recycled to pick * * up the new code. Note that CMASes do not * * need to be brought down and restarted at * * the same time. * **************************************************************** When you retrieve the BAS resource definitions through WUI, CPSM API or CICS Explorer, method EYU0BAGQ ( BAGQ - BAS Frontend Data Repository Get ) is driven to get requested definitions from the data repository. Prior to the execution of BAGQ, method EYU0CRCK ( CRCK - Access Authority Checking ) is called to check if the user has authority to execute the requested service. CRCK calls method EYU0XLML to build main XLXS and alternative XLXS. Based on the XLXSes, CRCK populates the profile name, and passes it along with other information to the external security manager for checking. CRCK might populate an incorrect profile name, which can result in invalid results from the external security manager processing.
Problem conclusion
Module EYU0CRCK has been updated to populate correct profile name for BAGQ services.
Temporary fix
Comments
APAR Information
APAR number
PI83342
Reported component name
CICS TS Z/OS V5
Reported component ID
5655Y0400
Reported release
10M
Status
CLOSED PER
PE
NoPE
HIPER
YesHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2017-06-20
Closed date
2017-09-05
Last modified date
2017-10-02
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UI50068
Modules/Macros
EYU0CRCK
Fix information
Fixed component name
CICS TS Z/OS V5
Fixed component ID
5655Y0400
Applicable component levels
R10M PSY UI50068
UP17/09/08 P F709 ¢
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGMGV","label":"CICS Transaction Server"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.4","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.4","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
02 October 2017