"Auditing-Possibility" for POE OPTIONS(88) - ONLY HONOR TERMINAL ON SOURCE PROTECTION

Document ID : KB000005990
Last Modified Date : 14/02/2018
Show Technical Document Details
Issue:

With the introduction of fix RO88216, if a POE= was passed on the      

RACROUTE REQUEST=VERIFY,ENVIR=CREATE security call, TSS will honor     

the value passed in the POE= and check for a SOURCE restriction in the 

user's record or profile.  If the acid has a SOURCE restriction and    

does NOT a match the value passed in the POE=, then the sign on will   

fail with TSS7171E Unauthorized Source of System Entry.                

 

Resolution:

APAR #: TR94142 

This fix, along with setting OPTIONS(88) in the TSS parameter file, if 

a RACROUTE REQUEST=VERIFY,ENVIR=CREATE with POE= was issued, and the   

acid has a SOURCE restriction that does NOT match the POE= passed,     

then we will allow the call to succeed but log it with the following   

message to our ATF file:                                               

                                                                       

++ TSS ADD(acid/profile) SOURCE(xxxxxxxx)                              

                                                                       

Where xxxxxxxx is the POE passed on the RACROUTE security call.