A fix is available
APAR status
Closed as program error.
Error description
When one is logged onto the TEP and the password for such userid is changed (ie: via RACF on system where he HUB is running), the following messages are issued between the TEPS and the TEMS logs KLVNA103 PASSWORD NOT AUTHORIZED: CNTRLPT(DEFAULT) KDSPA002 Logon validation did not complete. ...(0000-CD94B60B:kdspac1.c,1601,"VPA1_CreatePath") VPA1_CreatePath failure detected 1006. ... ...(0000-CF689F3B:kdspac1.c,1601,"VPA1_CreatePath") VPA1_CreatePath failure detected 1007. .... This results in additional impact to the TEMS which requires recyling, as well as the affected ITM TEP clients from having to logon again to their TEP. We expect that authentication is needed only during the logon, but it appears that some validation requests are being generated from the TEP via the TEPS onto the HUB TEMS. In some security settings, once the authentication fails, let's say three times, it revokes the userids, and require resetting of passwords again or other actions. . To recreate this follow these steps: 1- Log onto the TEP. 2- From the security package, change the password for the userid 3- Depending on the scenario, it may result in the error messages being issued minutes or even hours later.
Local fix
None, except to advise TEP users to log off the TEP before making any password changes to their userids. Once the password has been updated, then log into the TEP with the new password.
Problem summary
Tivoli Portal authentication loop when using the HTTP interface. If the Tivoli portal is running with the HTTP connection mode (tep.connection.protocol=http/https) and the logged on user account password is changed, the Tivoli portal will go into a loop trying to re-authenticate the user causing the user account to be locked out. This loop does not happen right away, it takes about two hours before the loop starts. This loop can be avoided by recycling the portal client immediately after the Tivoli portal user account password is changed.
Problem conclusion
Fixed the looping issue so a Tivoli portal session can remain logged on after the user account's password is changed without encountering the looping condition or the user account lock out. The fix for this APAR is contained in the following maintenance packages: | fix pack | 6.3.0-TIV-ITM-FP0005
Temporary fix
Recycle the Tivoli Portal client immediately after the user account password is changed.
Comments
APAR Information
APAR number
IV63417
Reported component name
TEP
Reported component ID
5724C04EP
Reported release
630
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2014-08-11
Closed date
2015-01-26
Last modified date
2015-06-28
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
TEP
Fixed component ID
5724C04EP
Applicable component levels
R630 PSY
UP
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSCTLMK","label":"ITM Tivoli Enterprise Portal V6"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"630","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
28 June 2015