Password case sensitivity using a local operating system registry

Knowing when a password is interpreted as case sensitive or not can directly affect how you use a local operating system registry. WebSphere® Application Server exploits the mixed case password option for the Resource Access Control Facility (RACF®) and allows you to use case sensitive passwords.

Since z/OS® Version 1.7, RACF supports the option of a mixed case password. You select this option for RACF by using the

SETROPTS
PASSWORD(MIXEDCASE)

command. To use case sensitive passwords in WebSphere Application Server for a local operating system registry, you must comply with all of the following requirements:

Use z/OS Version 1.7 or higher.
Note: To use the Liberty profile capabilities of z/OS, you must use Version 1.11 or later.
Use the local operating system registry.
Turn on the RACF mixed case option with the SETROPTS PASSWORD(MIXEDCASE) command.

Important: All three of these requirements must be met; otherwise, WebSphere Application Server password will not be sensitive to case.

If you use a Lightweight Directory Access Protocol (LDAP) configuration, you can use mixed case passwords.

For more information on the mixed case password feature in z/OS Version 1.7, see Z/OS V1R7.0 Security Server RACF Security Administrator's Guide. This guide is available under Security Server and Integrated Security Services. Within the guide, see section 5.2.1.

There is an SDBM alternative setup for LDAP. For more information, see the topic SDBM authorization in the Tivoli® Directory Server for z/OS section of the z/OS V1R11 documentation.