PM10454: SENSITIVE INFORMATION IN DEFAULT_CREATE.LOG FILE IF USING WEBSPHERE APPLICATION SERVER (NON-SAF) MANAGED SECURITY

Fixes are available

APAR status

Closed as program error.

Error description

When using the zPMT to create a profile using "WebSphere
Application Server" managed security (as opposed to
no security, or a z/OS security product", sensitive
information might be in the default_create.log file that is
produced on the target z/OS system when the BBOWWPFx job is
run to create the profile.

Local fix

Problem summary

****************************************************************
* USERS AFFECTED:  Users of WebSphere Application Server for   *
*                  z/OS not using a z/OS security product      *
****************************************************************
* PROBLEM DESCRIPTION: When using the zPMT to create a         *
*                      profile using "WebSphere Application    *
*                      Server" managed security (as opposed    *
*                      to no security, or a z/OS security      *
*                      product", sensitive information         *
*                      might be in the                         *
*                      default_create.log file that is         *
*                      produced on the target z/OS system      *
*                      when the BBOWWPFx job is run to         *
*                      create the profile.                     *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
One of the panels within the zPMT is a panel on which a
security type for the WebSphere Application Server profile is
chosen.

On this panel when using option "WebSphere Application Server
security", sensitive information might be saved.

After generating the customization jobs, uploading them, and
running the BBOWWPFx job to create the profile, the
information might be in the default_create.log log file that
resides within the WAS_HOME directory containing the newly
created profile.

Problem conclusion

APAR PM10454 is currently targeted for inclusion in
Service Level (Fix Pack) 7.0.0.11 of WebSphere
Application Server for z/OS.  Refer to URL:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg24020368
to download IBM WebSphere Customization Tools 7.0.0.11 when
available.

Temporary fix

Comments

APAR Information

APAR number
PM10454
Reported component name
WEBSPHERE CUST
Reported component ID
5655N0213
Reported release
700
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2010-03-22
Closed date
2010-04-13
Last modified date
2012-08-08

APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:

PM10621 PM10625

Fix information

Fixed component name
WEBSPHERE CUST
Fixed component ID
5655N0213

Applicable component levels

R700 PSY
UP

[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SS7K4U","label":"WebSphere Application Server for z\/OS"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.0","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
24 October 2021

Tips

PM10454: SENSITIVE INFORMATION IN DEFAULT_CREATE.LOG FILE IF USING WEBSPHERE APPLICATION SERVER (NON-SAF) MANAGED SECURITY

Fixes are available

Subscribe

APAR status

Closed as program error.

Error description

Local fix

Problem summary

Problem conclusion

Temporary fix

Comments

APAR Information

APAR number

Reported component name

Reported component ID

Reported release

Status

PE

HIPER

Special Attention

Submitted date

Closed date

Last modified date

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Fix information

Fixed component name

Fixed component ID

Applicable component levels

R700 PSY

Document Information

Share your feedback

Need support?