WebSphere Application Server messages
             Operating Systems: z/OS


BBOS

The following messages are Version 6.0 messages and are only issued if you are running in a mixed cell environment that includes a Version 6.0 application server. These messages are not issued on a Version 6.1 or 7.0 application server.

BBOS0001E: DCE/SAF initialization failed. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: During initialization, WebSphere was unable to extract the DCE information from the RACF user profile DCE segment.
Action: Look for additional WebSphere messages for more information. The codes are documented in the OS/390 Security Server Callable Services reference.
BBOS0002E: CBIND CHECK FAILED WITH SAF RETURN CODE=hstring, RACF RETURN CODE=hstring, RACF REASON CODE=hstring.
Explanation: A RACF Check against the CBIND class was performed and failed.
Action: See SAF and RACF return and reason codes and update the RACF database accordingly. Information pertaining to the CBIND class can be found in the following documentation: RACF Messages and Codes, OS/390 Security Server (RACF) Macros and Interfaces, OS/390 Security Server (RACF) System Programmer's Guide. Ref: OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0003E: initACEE (IRRSIA00) failed for MVS Userid: string, with APPLID: string, with SAF Return Code=dstring, RACF Return Code=dstring, RACF Reason Code=dstring.
Explanation: The initACEE callable security service failed for the indicated MVS Userid and with the indicated decimal return and reason codes.
Action: See return codes for initACEE (IRRSIA00) in the Security Server (RACF) Callable Services or equivalent reference for other security products. Security Server reference documentation for initACEE include: OS/390 Security Server (RACF) Security Administrator's Guide and OS/390 Security Server (RACF) Callable Services for initACEE service call return and reason codes. Ref: OS/390 V2R6.0 Security Server (RACF) Callable Services Document Number: GC28-1921-05
BBOS0004W: Deletion of a RACO failed.
Explanation: The release of the storage for the RACO failed.
Action: For further information on resolving this error, consult the IBM WebSphere Application Server for z/OS Support website at: http:www-3.ibm.com/software/webservers/appserv/zos_os390/support.html
This site provides searchable databases of technotes, solutions, and e-fixes. Information on contacting the WebSphere Support team is also provided.
BBOS0005E: RACLIST of class, string, failed with SAF Return Code=hstring, RACF Return Code=hstring, RACF Reason Code=hstring.
Explanation: RACROUTE REQUEST=LIST failed.
Action: Look in Security Server RACROUTE Macro Reference for the reason. Issue appropriate SEtrOPTS commands to resolve the situation.
BBOS0006E:DOWN-LEVEL SECURITY PRODUCT FOUND.
Explanation: A Security Product at the 2.6.0 level is needed for some internal initACEE (IRRSIA00) calls.
Action: Upgrade Security Product.
BBOS0007E:RACROUTE REQUEST=EXtrACT for string failed with SAF Return Code=hstring, RACF Return Code=hstring, RACF Reason Code=hstring.
Explanation: A call to RACROUTE REQUEST=EXtrACT failed with the indicated hexadecimal return and reason codes.
Action: See the accompanying return/reason codes in the OS/390 Security Server RACROUTE Macro Reference.
BBOS0008ERACAUTH of class, string, failed with SAF Return Code=hstring, RACF Return Code=hstring, RACF Reason Code=hstring.
Explanation: RACROUTE REQUEST=AUTH or REQUEST=FASTAUTH failed.
Action: Look in the OS/390 Security Server RACROUTE Macro Reference for the reason. Issue the appropriate SEtrOPTS command to correct the situation.
BBOS0009EThe requested PassTicket was not produced properly.
Explanation: The creation of a PassTicket failed.
Action: Refer to the OS/390 Security Server (RACF) Macros and Interfaces document, Secured Signon (PassTicket) function for an explanation
BBOS0010ETHE REQUESTED PASSTICKET SUPPORT IS NOT AVAILABLE FOR USE. THE SECURED SIGNON CALLABLE SERVICE COULD NOT BE LOCATED.
Explanation: The secured signon callable service required to build a PassTicket is not available on the system.
Action: Check that the required level of Security Server is properly installed on the system.
BBOS0011IUnable to load the DCE DLL EUVSDLL, the C/C++ library function dllload failed with errno dstring.
Explanation: The WebSphere control region was not able to load the DCE dynamic load library "EUVSDLL". This DLL must be available on the system if DCE security is desired. The control region will continue but DCE security will not be used.
Action: The most likely reason for this is that DCE has not been installed on the system. If DCE security is desired, DCE must be installed and a DCE security server (SECD) must be active on the system.
BBOS0012IThe C/C++ library function string failed to locate the pointer to string in the DCE DLL. The errno returned was dstring.
Explanation: The WebSphere control region was not able to find the pointer to the entry in the DCE DLL "EUVSDLL". This entry must be available on the system if DCE security is desired. The control region will continue but DCE security will not be used.
Action: Respond to the message as appropriate.
BBOS0013EThe DCE mutual authentication request failed with a string exception, with a minor code of hstring.
Explanation: A CB client was unable to complete a DCE mutual authentication sequence with a server.
Action: Take appropriate actions based on the exception reported in the message and try the operation again.
BBOS0014EMSG_BBOSENUS_SEC_PARAM_LIST_ERR: RACF - Parameter list error occurred during init_acee create
Explanation: RACF - Parameter list error occurred
Action: Look for additional WebSphere for z/OS messages for more information. The RACF codes are documented in the OS/390 Security Server (RACF) Callable Services reference, Return and Reason Codes, for IRRSIA00.
BBOS0015EMSG_BBOSENUS_SEC_RACF_INTERNAL_ERR: RACF - An internal error occurred during init_acee create
Explanation: RACF - An internal error occurred during RACF processing
Action: Look for additional WebSphere for z/OS messages for more information. The RACF codes are documented in the OS/390 Security Server (RACF) Callable Services reference, Return and Reason Codes, for IRRSIA00.
BBOS0016EMSG_BBOSENUS_SEC_RECOV_ENV_ERR: RACF - Recovery environment could not be established during init_acee create
Explanation: RACF - Recovery environment could not be established
Action: Look for additional WebSphere messages for more information. The RACF codes are documented in the OS/390 Security Server (RACF) Callable Services reference, Return and Reason Codes, for IRRSIA00.
BBOS0017EMSG_BBOSENUS_SEC_UNDEF_USERID: RACF - User ID is not defined to RACF during init_acee create
Explanation: RACF - User ID is not defined to RACF
Action: Look for additional WebSphere messages for more information. The RACF codes are documented in the OS/390 Security Server (RACF) Callable Services reference, Return and Reason Codes, for IRRSIA00.
BBOS0018EMSG_BBOSENUS_SEC_INV_PW_PTK: RACF - Password or PassTicket is not valid during init_acee create
Explanation: RACF - Password or PassTicket is not valid
Action: Look for additional WebSphere messages for more information. The RACF codes are documented in the OS/390 Security Server (RACF) Callable Services reference, Return and Reason Codes, for IRRSIA00.
BBOS0019EMSG_BBOSENUS_SEC_PW_EXPIRED: RACF - Password is expired during init_acee create
Explanation: RACF - Password is expired
Action: Look for additional WebSphere messages for more information. The RACF codes are documented in the OS/390 Security Server (RACF) Callable Services reference, Return and Reason Codes, for IRRSIA00.
BBOS0020EMSG_BBOSENUS_SEC_USERID_OR_PW_REVOKED: RACF - User ID is revoked during init_acee create
Explanation: RACF - User ID or Password is revoked
Action: Look for additional WebSphere messages for more information. The RACF codes are documented in the OS/390 Security Server (RACF) Callable Services reference, Return and Reason Codes, for IRRSIA00.
BBOS0021EMSG_BBOSENUS_SEC_UNAUTH_USER: RACF - User ID is not authorized during init_acee create
Explanation: RACF - User is not authorized
Action: Look for additional WebSphere messages for more information. The RACF codes are documented in the OS/390 Security Server (RACF) Callable Services reference, Return and Reason Codes, for IRRSIA00.
BBOS0022EMSG_BBOSENUS_SEC_INVALID_CERTIF: RACF - Certificate is not valid during init_acee create
Explanation: RACF - Certificate is not valid
Action: Look for additional WebSphere messages for more information. The RACF codes are documented in the OS/390 Security Server (RACF) Callable Services reference, Return and Reason Codes, for IRRSIA00.
BBOS0023EMSG_BBOSENUS_SEC_CERTIF_NOtrUST: RACF - Either no user ID is defined for this certificate or the certificate status is NOtrUST during init_acee create
Explanation: RACF - Either no user ID is defined for this certificate or the certificate status is NOtrUST
Action: Look for additional WebSphere messages for more information. The RACF codes are documented in the OS/390 Security Server (RACF) Callable Services reference, Return and Reason Codes, for IRRSIA00.
BBOS0024EMSG_BBOSENUS_SEC_NO_REM_USERID: No remote user ID is defined
Explanation: Security Manager - no remote user ID is defined
Action: Look for additional WebSphere messages for more information. The RACF codes are documented in the OS/390 Security Server (RACF) Callable Services reference, Return and Reason Codes, for IRRSIA00.
BBOS0025EMSG_BBOSENUS_SEC_NO_REM_PASSWORD: No remote password or a blank password is defined as an environmental variable for Userid string
Explanation: Security Manager - no remote PASSWORD is defined
Action: Look for additional WebSphere messages for more information. The RACF codes are documented in the OS/390 Security Server (RACF) Callable Services reference, Return and Reason Codes, for IRRSIA00.
BBOS0026EMSG_BBOSENUS_SEC_PTKT_HASHTABLE_FAILED: Security manager: hash table was not created
Explanation: Security Manager - Security Manager hash table creation failure
Action: Look for additional WebSphere messages for more information. The RACF codes are documented in the OS/390 Security Server (RACF) Callable Services reference, Return and Reason Codes, for IRRSIA00.
BBOS0027ISecurity was not able to create a passticket.
Explanation: This process was attempting to initialize userid/passticket security, and was not able to generate a passticket. The process continues, and attempts to use the next available security method.
Action: The most likely reasons for this are that the Websphere Daemon was not active on the system or the SAF security manager was not configured to support passtickets. It is a requirement for using userid/passticket security that the Websphere Daemon process be active on the system where passtickets are generated. Further you must activate the resource class PTKtdATA, and define the CBS390 profile in this class. All users or groups that intend to use this resource must be given read access to this profile.
BBOS0028EMSG_BBOSENUS_SEC_NULL_SESSIONID: Null session ID in NatSecCtx_Auth
Explanation: Security Manager - Security Manager NatSecCtx_Auth has null sessionid
Action: Look for additional WebSphere messages for more information. The RACF codes are documented in the OS/390 Security Server (RACF) Callable Services reference, Return and Reason Codes, for IRRSIA00.
BBOS0029WFailed attempt to use SessionID, retrying alternate security
Explanation: Security type offered included User ID and SessionID, but that type was unavailable. The next available security type will be tried
Action: None, this is a warning message that another security type will be tried.
BBOS0030EMSG_BBOSENUS_SEC_UNABLE_TO_PERFORM_CBIND: SAF Ret Code (hex): hstring The requested CBIND(RACROUTE) function could not be performed
Explanation: SAF Return Code reported by Security Manager - The requested CBIND (RACROUTE) function could not be performed. Use the SAF Return Code in conjunction with the reported RACF Return Code to determine the cause of the problem. This SAF Return Code can have several different associated RACF Return Codes that further define the problem.
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0031EMSG_BBOSENUS_SEC_NO_RACF_SECURITY_DECISION_MADE: RACF Return Code (hex) : hstring (RACROUTE)- No security decision could be made
Explanation: RACF Return Code reported by Security Manager No security decision could be made. The RACF router was not loaded; the request, resource, subsystem combination could not be found in the RACF ROUTER table; no successful exit processing can take place.
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0032EMSG_BBOSENUS_SEC_UNKNOWN_TO_RACF: RACF Return Code (hex) : hstring (RACROUTE) - No security decision could be made
Explanation: RACF Return Code reported by Security Manager The resource or class name is not defined to RACF or the class has not been raclisted.
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0033EMSG_BBOSENUS_SEC_RACF_NOT_ACTIVE: RACF Return Code (hex) : hstring (RACROUTE) - RACF not active
Explanation: RACF Return Code reported by Security Manager RACF not active
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0034EMSG_BBOSENUS_SEC_RACF_CLASS_DATA_SPACE_DELETED: RACF Return Code (hex) : hstring (RACROUTE) - RACF data space has been deleted
Explanation: RACF Return Code reported by Security Manager The class was raclisted by RACROUTE REQUEST=LIST, GLOBAL=YES, or SEtrOPTS RACLIST, but the data space has been deleted.
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0035EMSG_BBOSENUS_SEC_DATA_SPACE_ACCESS_ALESERV_FAILURE: RACF Return Code(hex): hstring (RACROUTE) - No data space access, ALESERV failure
Explanation: RACF Return Code reported by Security Manager The class was raclisted by RACROUTE REQUEST=LIST, GLOBAL=YES, or SEtrOPTS RACLIST, but the data space cannot be accessed due to an ALESERV failure.
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0036EMSG_BBOSENUS_SEC_REQUESTED_CBIND_FUNCTION_FAILED: SAF Return Code (hex) : hstring The requested CBIND function failed
Explanation: SAF Return Code reported by Security Manager - The requested CBIND (RACROUTE) function failed. Use the SAF Return Code in conjunction with the reported RACF Return Code to determine the cause of the problem. Some RACF Return Codes can have several different associated RACF Reason Codes that further define the problem. Use the SAF Return Code in conjunction with the reported RACF Return Code and RACF Reason Code to determine the cause of the problem.
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0037EMSG_BBOSENUS_SEC_USER_OR_GROUP_NOT_AUTHORIZED: RACF Return Code (hex): hstring (RACROUTE) - The user or group is not authorized
Explanation: RACF Return Code reported by Security Manager The user or group is not authorized to use the resource
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0038EMSG_BBOSENUS_SEC_FASTAUTH_INSTALL_EXIT_ERROR: RACF Return Code(hex): hstring (RACROUTE) - FASTAUTH install exit error occurred.
Explanation: RACF Return Code reported by Security Manager A RACROUTE REQUEST=FASTAUTH installation exit error occurred.
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0039EMSG_BBOSENUS_SEC_BLANK_PORT_OF_ENtrY_IN_SECURITY_TOKEN: RACF Return Code(hex): hstring (RACROUTE) - Blank port-of-entry in security token
Explanation: RACF Return Code reported by Security Manager Indicates the profile has a conditional access list, the port-of-entry field in the security token is blank-filled, and the port-of-entry class is active.
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0040EMSG_BBOSENUS_SEC_PARAMETER_LIST_ERROR: RACF Return Code (hex) : hstring (RACROUTE) - Parameter list error.
Explanation: RACF Return Code reported by Security Manager Parameter list error.
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0041EMSG_BBOSENUS_SEC_ACEEALET_KEYWORD_AND_NOT_IN_SPVSOR_STATE: RACF Reason Code(hex : hstring (RACROUTE)-Calling program not in Supervisor State
Explanation: RACF Reason Code reported by Security Manager The ACEEALET= keyword was specified, but the calling program is not running in Supervisor State or System Key.
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0042EMSG_BBOSENUS_SEC_ACEE_KEYWORD_NOT_SPECIFIED: RACF Reason Code (hex) : hstring (RACROUTE) - ACEE= keyword was not specified
Explanation: RACF Reason Code reported by Security Manager The ACEEALET= keyword was specified, but the ACEE= keyword was not specified
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0043EMSG_BBOSENUS_SEC_ENVRIN_KEYWORD_AND_NOT_IN_SPVSOR_STATE: RACF Reason Code(hex): hstring (RACROUTE) -Calling program not in Supervisor State
Explanation: RACF Reason Code reported by Security Manager The ENVRIN keyword was specified, but the calling program is not running in Supervisor State or System Key.
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0044EMSG_BBOSENUS_SEC_ENVRIN_AND_ACEE_KEYWORD_BOTH_SPECIFIED: RACF Reason Code (hex) : hstring (RACROUTE) -ENVRIN and ACEE were both specified
Explanation: RACF Reason Code reported by Security Manager ENVRIN and ACEE were both specified (they are mutually exclusive keywords).
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0045EMSG_BBOSENUS_SEC_CBIND_RELEASE_PARAMETER_ERROR: SAF Return Code (hex) : hstring CBIND Release parameter error
Explanation: SAF Return Code reported by Security Manager This error indicates that the CHECK subparameter of the RELEASE keyword was specified on the execute form of the RACROUTE REQUEST=FASTAUTH macro, however, the list form of the macro does not have the same RELEASE parameter. Macro processing terminates.
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0046EMethAuthCheck was issued in an address space without a BACB.
Explanation: MethAuth was invoked, but initialization of the environment was incomplete or the call was made outside of the WebSphere for z/OS environment. Suggest waiting for environment initialization completion, or if the call was made outside of WebSphere for z/OS, remove the call.
Action: Ensure that the WebSphere for z/OS regions are initialized
BBOS0047EMSG_BBOSENUS_SEC_UNABLE_TO_PERFORM_METHAUTHCHECK: SAF Ret Code (hex) : hstring The requested METHAUTHCHECK(RACROUTE) function could not be performed for Method Name string and Class Name string
Explanation: SAF Return Code reported by Security Manager - The requested METHAUTHCHECK (RACROUTE) function could not be performed. Use the SAF Return Code in conjunction with the reported RACF Return Code to determine the cause of the problem. This SAF Return Code can have several different associated RACF Return Codes that further define the problem.
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0048EMSG_BBOSENUS_SEC_REQUESTED_METHAUTHCHECK_FUNCTION_FAILED: SAF Return Code (hex) : hstring The requested METHAUTHCHECK function failed and could not be performed for Method Name string and Class Name string
Explanation: SAF Return Code reported by Security Manager - The requested METHAUTHCHECK (RACROUTE) function failed. Use the SAF Return Code in conjunction with the reported RACF Return Code to determine the cause of the problem. Some RACF Return Codes can have several different associated RACF Reason Codes that further define the problem. Use the SAF Return Code in conjunction with the reported RACF Return Code and RACF Reason Code to determine the cause of the problem.
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0049EMSG_BBOSENUS_SEC_METHAUTHCHECK_RELEASE_PARAMETER_ERROR: SAF Return Code (hex) : hstring METHAUTHCHECK Release parameter error for Method Name string and Class Name string
Explanation: SAF Return Code reported by Security Manager This error indicates that the CHECK subparameter of the RELEASE keyword was specified on the execute form of the RACROUTE REQUEST=FASTAUTH macro, however, the list form of the macro does not have the same RELEASE parameter. Macro processing terminates.
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0050IDCE/SAF The server control region could not delete an ACEE created for user string. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: A WebSphere server control region was unable to delete an ACEE, accessor environment element (MVS control block), that was used to temporarily impersonate a client.
Action: Take appropriate actions based on the return codes reported in the message and try the operation again. The SAF and RACF codes are documented in the OS/390 Security Server Callable Services book.
BBOS0051IDCE/SAF The server control region could not create an ACEE for user string. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: A WebSphere server control region was unable to create an ACEE, accessor environment element (MVS control block), that was to be used to temporarily impersonate a client.
Action: Take appropriate actions based on the return codes reported in the message and try the operation again. The SAF and RACF codes are documented in the OS/390 Security Server Callable Services book.
BBOS0052ESSL security was specified but could not be initialized.
Explanation: The OS/390 Cryptographic Services System Secure Sockets Layer could not be initialized.
Action: See return codes for gsk_initialize in the OS/390 System SSL Programming Guide & Reference.
BBOS0053ESSL security was specified but System SSL routine module GSKSSL not available.
Explanation: The OS/390 Cryptographic Services System Secure Sockets Layer routine could not be loaded during server initialization. SSL security will not be used.
Action: Consult your systems programmer to install OS/390 Cryptographic Services System SSL.
BBOS0054ESSL security was specified but the gsk_user_set function could not be loaded.
Explanation: The OS/390 Cryptographic Services System Secure Sockets Layer routine gsk_user_set could not be loaded. The version of System SSL installed at your location cannot support this function. SSL security will not be used.
Action: Consult your systems programmer to install the correct version of System SSL.
BBOS0055EDelete ACEE (IRRSIA00) failed with SAF Return Code=dstring, RACF Return Code=dstring, RACF Reason Code=dstring.
Explanation: The delete ACEE callable security service failed with the indicated decimal return and reason codes.
Action: See return codes for IRRSIA00 in the Security Server (RACF) Callable Services or equivalent reference for other security products. Ref: OS/390 V2R6.0 Security Server (RACF) Callable Services Document Number: GC28-1921-0x
BBOS0056EinitACEE (IRRSIA00) failed to convert SSL certificate with SAF Return Code=dstring, RACF Return Code=dstring, RACF Reason Code=dstring.
Explanation: The initACEE callable security service failed to convert an SSL Client Certificate with the indicated decimal return and reason codes.
Action: See return codes for initACEE (IRRSIA00) in the Security Server (RACF) Callable Services or equivalent reference for other security products. Security Server reference documentation for initACEE include: OS/390 Security Server (RACF) Security Administrator's Guide and OS/390 Security Server (RACF) Callable Services for initACEE service call return and reason codes. Ref: OS/390 V2R6.0 Security Server (RACF) Callable Services Document Number: GC28-1921-05
BBOS0057EA DCE IOR component tag is too small to contain all its required information.
Explanation: WebSphere for z/OS was not able to interpret a DCE IOR component tag. Its size was too small to hold all the required fields that are defined for this tag.
Action: This message indicates that a client process can not interpret a security component tag. This will cause the client to skip this security method and may cause the client to fail when connecting to the server.
BBOS0058EThere is no DCE principal name in a DCE IOR component tag.
Explanation: WebSphere for z/OS was not able to interpret a DCE IOR component tag because it did not contain a server's principal name.
Action: This message indicates that a client process can not interpret a security component tag. This will cause the client to skip this security method and may cause the client to fail when connecting to the server.
BBOS0059EThe DCE principal name contained in a DCE IOR component tag has a invalid length of dstring.
Explanation: WebSphere for z/OS was not able to interpret a DCE IOR component tag because the length of the DCE server principal field was invalid.
Action: This message indicates that a client process can not interpret a security component tag. This will cause the client to skip this security method and may cause the client to fail when connecting to the server.
BBOS0060EA DCE IOR component tag does not contain a required field and can not be interpreted.
Explanation: WebSphere for z/OS was not able to interpret a DCE IOR component tag because it was not large enough to hold all its required fields.
Action: This message indicates that a client process can not interpret a security component tag. This will cause the client to skip this security method and may cause the client to fail when connecting to the server.
BBOS0061EAn SSL IOR component tag is too small to contain all its required information.
Explanation: WebSphere for z/OS was not able to interpret an SSL IOR component tag. Its size was too small to hold all the required fields that are defined for this tag.
Action: This message indicates that a client process can not interpret a security component tag. This will cause the client to skip this security method and may cause the client to fail when connecting to the server.
BBOS0062EA Basic Authentication IOR component tag is too small to contain all its required information.
Explanation: WebSphere for z/OS was not able to interpret a basic authentication IOR component tag. Its size was too small to hold all the required fields that are defined for this tag.
Action: This message indicates that a client process can not interpret a security component tag. This will cause the client to skip this security method and may cause the client to fail when connecting to the server.
BBOS0063EA Basic Authentication IOR component tag has an invalid length for its realm or principal field.
Explanation: WebSphere for z/OS was not able to interpret a basic authentication IOR component tag because it was not large enough to hold all its required fields.
Action: This message indicates that a client process can not interpret a security component tag. This will cause the client to skip this security method and may cause the client to fail when connecting to the server.
BBOS0064WThe RACF EJBROLES class has been found to be inactive during security method Authorization check. Contact your system administrator. SAF Ret Code (hex) : hstring RACF Ret Code (hex) : hstring RACF Reason Code (hex) : hstring
Explanation: WebSphere for z/OS was not able to complete a security methAuth check because the RACF EJBROLES class is inactive. Contact your system administrator or the IBM Support Center.
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0065IAuthentication failed.
Explanation: There was a failure to complete the authentication process. The client request will continue but will fail later with a no permission exception.
Action: Examine the logs for the reason(s) that the authentication failed, and take the appropriate action. try the operation again.
BBOS0066IAn SSL Kerberos GSS_API authentication request failed with a string exception, and a minor code of hstring.
Explanation: A WebSphere client was unable to complete an SSL Kerberos GSS_API authentication sequence with a server.
Action: Take appropriate actions based on the exception reported in the message and try the operation again.
BBOS0067IThe length dstring of a Kerberos principal name returned from a SAF R_kerbinfo call for the user string exceeds the maximum allowable length.
Explanation: WebSphere for z/OS was not able to interpret the length of the principal name from the buffer that was returned from a R_kerbinfo call.
Action: This message indicates that a client process can not interpret the results from a R_kerbinfo call. This will cause the client to skip the SSL Kerberos GSS_API method of authentication and may cause the client to fail when connecting to the server.
BBOS0068ICB Series was unable to find the Kerberos principal associated with the user string.
Explanation: WebSphere for z/OS was not able to find the Kerberos principal name that was returned from a call to R_kerbinfo.
Action: This message indicates that the process can not interpret the results from a R_kerbinfo call. This will cause the process to skip the SSL Kerberos GSS_API method of authentication.
BBOS0069ISSL/Kerberos initialization failed for user string, because RACF is not installed. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: During initialization, WebSphere was unable to extract the Kerberos information from the KERB segment of the user profile because RACF is not installed.
Action: RACF must be installed before WebSphere can use Kerberos security. Install RACF and define KERB segments for those users that will be using Kerberos security. The SAF and RACF codes are documented in the OS/390 Security Server Callable services book.
BBOS0070ISSL/Kerberos initialization failed for user string, because it has been revoked. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: During initialization, WebSphere was unable to extract the Kerberos information from the KERB segment of the user profile because the user has been revoked.
Action: Contact your security administrator and have the user reinstated. The SAF and RACF codes are documented in the OS/390 Security Server Callable services book.
BBOS0071ISSL/Kerberos initialization failed for user string, because it has been revoked by this call. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: During initialization, WebSphere was unable to extract the Kerberos information from the KERB segment of the user profile because the user has been revoked by the call.
Action: Contact your security administrator and have the user reinstated. The SAF and RACF codes are documented in the OS/390 Security Server Callable services book.
BBOS0072ISSL/Kerberos initialization failed for user string, because of an internal error. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: During initialization, WebSphere was unable to extract the Kerberos information from the KERB segment of the user.
Action: This is a internal error. Reference the SAF and RACF codes documented in the OS/390 Security Server Callable services book.
BBOS0073ISSL/Kerberos initialization failed for user string, because of an internal error. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: During initialization, WebSphere was unable to extract the Kerberos information from the KERB segment of the user.
Action: This is a internal error. Reference the SAF and RACF codes documented in the OS/390 Security Server Callable services book.
BBOS0074ISSL/Kerberos initialization failed for user string, because of an internal SAF error. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: During initialization, WebSphere was unable to extract the Kerberos information from the KERB segment of the user due to an internal SAF error.
Action: This is a internal error. Reference the SAF and RACF codes documented in the OS/390 Security Server Callable services book.
BBOS0075ISSL/Kerberos initialization failed for user string, because of an internal SAF error. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: During initialization, WebSphere was unable to extract the Kerberos information from the KERB segment of the user due to an internal SAF error.
Action: This is a internal error. Reference the SAF and RACF codes documented in the OS/390 Security Server Callable services book.
BBOS0076ISSL/Kerberos initialization failed for user string, because the user does not have a KERB segment. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: During initialization, WebSphere was unable to extract the Kerberos information from the KERB segment of the user profile because the user is not defined to Kerberos.
Action: The user must have a SAF KERB segment defined to use Kerberos security. Have your security administrator define the user to Kerberos. The SAF and RACF codes are documented in the OS/390 Security Server callable services book.
BBOS0077ISSL/Kerberos initialization failed for user string, because of an internal error. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: During initialization, WebSphere was unable to extract the Kerberos information from the KERB segment of the user.
Action: This is a internal error. Reference the SAF and RACF codes documented in the OS/390 Security Server Callable services book.
BBOS0078ISSL/Kerberos initialization failed for user string, because the user is not defined. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: During initialization, WebSphere was unable to extract the Kerberos information from the KERB segment of the user profile because the user is not defined to SAF
Action: The user must have a SAF KERB segment defined to use Kerberos security. Have your security administrator define the user to SAF then have him add a Kerberos segment to the user. The SAF and RACF codes are documented in the OS/390 Security Server callable services book.
BBOS0079ISSL/Kerberos initialization failed for user string, because of an internal SAF error. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: During initialization, WebSphere was unable to extract the Kerberos information from the KERB segment of the user due to an internal SAF error.
Action: This is a internal error. Reference the SAF and RACF codes documented in the OS/390 Security Server Callable services book.
BBOS0080ISSL/Kerberos initialization failed for user string, because of an internal SAF error. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: During initialization, WebSphere was unable to extract the Kerberos information from the KERB segment of the user due to an internal SAF error.
Action: This is a internal error. Reference the SAF and RACF codes documented in the OS/390 Security Server Callable services book.
BBOS0081ISSL/Kerberos initialization failed because the Kerberos API string failed with a status code of hstring - string.
Explanation: During initialization, a call to the indicated Kerberos API failed with the stated status code.
Action: Take appropriate actions based on the status reported in the message and try the operation again. The Kerberos status codes are documented in the OS/390 Network Authentication Administration book.
BBOS0082ISSL/Kerberos initialization failed because the Kerberos GSS_API string failed. major status: hstring - string minor code: hstring - string
Explanation: During initialization, a call to the indicated Kerberos GSS_API failed with the stated status codes.
Action: Take appropriate actions based on the status reported in the message and try the operation again. The Kerberos status codes are documented in the OS/390 Network Authentication Administration book.
BBOS0083ISSL/Kerberos initialization failed because the API SETENV failed with errno dstring.
Explanation: During initialization, the server control region was not able to set the environment variable KRB5_SERVER_KEYTAB to "1". In order for a server to participate in Kerberos security this environment variable must be set. The server will continue with its initialization but Kerberos security will not be used.
Action: Take appropriate actions based on the errno in the message and try the operation again.
BBOS0084ISSL/Kerberos initialization failed because the server could not find its associated Kerberos principal name.
Explanation: During initialization, the server control region was not able to determine what its associated Kerberos principal name is. The server will continue with its initialization but Kerberos security will not be used.
Action: Check the server's log for messages that may relate to the problem. Take appropriate actions based on the messages found and try the operation again.
BBOS0085ISSL/Kerberos initialization failed because the server could not find its associated Default Kerberos realm.
Explanation: During initialization, the server control region was not able to determine what its associated Kerberos realm name is. The server will continue with its initialization but Kerberos security will not be used.
Action: Check the server's log for messages that may relate to problem. Take appropriate actions based on the messages found and try the operation again.
BBOS0086ISSL/Kerberos initialization failed because the Kerberos GSS_API string failed. major status: hstring - string minor code: hstring - string
Explanation: During initialization, a call to the indicated Kerberos GSS_API failed with the stated status codes. The server will continue with its initialization but Kerberos security will not be used.
Action: Take appropriate actions based on the status reported in the message and try the operation again. The Kerberos status codes are documented in the OS/390 Network Authentication Administration book.
BBOS0087ISSL/Kerberos server failed to authenticate this request because the Kerberos GSS_API string failed. major status: hstring - string minor code: hstring - string
Explanation: During the processing of a request the Kerberos GSS_API failed with the stated status codes. The server will not use Kerberos security for this request.
Action: Take appropriate actions based on the status reported in the message and try the operation again. The Kerberos status codes are documented in the OS/390 Network Authentication Administration book.
BBOS0088IThe Kerberos principal name obtained from the authentication token has an invalid length of dstring.
Explanation: WebSphere for z/OS was not able to authenticate the client request because the length of the Kerberos principal name was larger than allowable.
Action: This message indicates that a server process can not interpret a Kerberos principal that is associated with this request. Kerberos security will not be used for this request.
BBOS0089IThe Kerberos principal name obtained from the authentication token can not be understood by the server.
Explanation: WebSphere for z/OS was not able to authenticate the client request because the Kerberos principal name was not understood by the server.
Action: This message indicates that a server process can not interpret a Kerberos principal that is associated with this request. Kerberos security will not be used for this request.
BBOS0090ISSL/Kerberos authentication failed for the principal string, because RACF is not installed. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: During Kerberos authentication, WebSphere was unable to obtain the SAF user associated with the Kerberos principal because RACF is not installed.
Action: RACF must be installed before WebSphere can use Kerberos security. Install RACF and define KERB segments for those users that will be using Kerberos security. The SAF and RACF codes are documented in the OS/390 Security Server Callable services book.
BBOS0091ISSL/Kerberos authentication failed for the principal string, because of an invalid parameter. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: During Kerberos authentication, WebSphere was unable to obtain the SAF user associated with the Kerberos principal because of an internal error.
Action: Reference the SAF and RACF codes documented in the OS/390 Security Server Callable services book.
BBOS0092ISSL/Kerberos authentication failed for the principal string, because there is no mapping between the Kerberos principal and a RACF userid. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: During Kerberos authentication, WebSphere was unable to obtain the SAF user associated with the Kerberos principal because there is no mapping the Kerberos principal and a RACF userid.
Action: Contact your security administrator and have the principal mapped to a RACF userid. The SAF and RACF codes are documented in the OS/390 Security Server Callable services book.
BBOS0093ISSL/Kerberos authentication failed for the principal string, because this server is not authorized to use the IRRSIM00 SAF service. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: During Kerberos authentication, WebSphere was unable to obtain the SAF user associated with the Kerberos principal because this server is not authorized to use the IRRSIM00 service.
Action: Based on the return codes take corrective action and retry the request. Reference the SAF and RACF codes documented in the OS/390 Security Server Callable services book.
BBOS0094ISSL/Kerberos authentication failed for the principal string, because this server could not map the princpal to a SAF user. API: string. SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: During Kerberos authentication, WebSphere was unable to obtain the SAF user associated with the Kerberos principal.
Action: Contact your security administrator and have the server authorized to the IRR.RUSERMAP FACILITY class. The SAF and RACF codes are documented in the OS/390 Security Server Callable services book.
BBOS0095ISSL/Kerberos the IOR tagged component for SSL Kerberos security was skipped because of an invalid length for the server realm name.
Explanation: During the processing of an IOR the length of the server's realm name in an SSL Kerberos GSS_API tag could not be determined. The process continues but this form of security will not be used.
Action: This is an internal programming error. For further information on resolving this error, consult the IBM WebSphere Application Server for z/OS Support website at: http:www-3.ibm.com/software/webservers/appserv/zos_os390/support.html This site provides searchable databases of technotes, solutions, and e-fixes. Information on contacting the WebSphere Support team is also provided.
BBOS0096ISSL/Kerberos the IOR tagged component for SSL Kerberos security was skipped because of an invalid realm name.
Explanation: During the processing of an IOR the the server's realm name in an SSL Kerberos GSS_API tag could not be determined. The process continues but this form of security will not be used.
Action: This is an internal programming error. For further information on resolving this error, consult the IBM WebSphere Application Server for z/OS Support website at: http:www-3.ibm.com/software/webservers/appserv/zos_os390/support.html This site provides searchable databases of technotes, solutions, and e-fixes. Information on contacting the WebSphere Support team is also provided.
BBOS0097ISSL/Kerberos the IOR tagged component for SSL Kerberos security was skipped because of an invalid length for the server principal name.
Explanation: During the processing of an IOR the length of the server's principal name in an SSL Kerberos GSS_API tag could not be determined. The process continues but this form of security will not be used.
Action: This is an internal programming error. For further information on resolving this error, consult the IBM WebSphere Application Server for z/OS Support website at: http:www-3.ibm.com/software/webservers/appserv/zos_os390/support.html This site provides searchable databases of technotes, solutions, and e-fixes. Information on contacting the WebSphere Support team is also provided.
BBOS0098ISSL/Kerberos the IOR tagged component for SSL Kerberos security was skipped because of an invalid server principal name.
Explanation: During the processing of an IOR the the server's principal name in an SSL Kerberos GSS_API tag could not be determined. The process continues but this form of security will not be used.
Action: This is an internal programming error. For further information on resolving this error, consult the IBM WebSphere Application Server for z/OS Support website at: http:www-3.ibm.com/software/webservers/appserv/zos_os390/support.html This site provides searchable databases of technotes, solutions, and e-fixes. Information on contacting the WebSphere Support team is also provided.
BBOS0099IUnable to load the Kerberos DLL EUVFKDLL. The Kerberos API krb5_dll_load failed with errno dstring.
Explanation: The WebSphere program was not able to load the Kerberos dynamic load library "EUVFKDLL". This DLL must be available on the system if Kerberos security is desired. The program will continue but Kerberos security will not be used.
Action: The most likely reason for this is that Kerberos has not been installed on the system. If Kerberos security is desired, Kerberos must be installed and a Kerberos security server (SKRBKDC) must be active on the system. Ensure that Kerberos contains any service specified in the installation documentation for this level of WebSphere.
BBOS0100WAn SSL certificate failed an internal conversion.
Explanation: An internal conversion routine failed to convert an SSL Client Certificate to be handled by RACF.
Action: The most likely reason for this code is that the incoming SSL certificate is malformed. Check the SSL certificate from the client to make sure it is valid.
BBOS0101WInvalid or missing REM_USERID or REM_PASSWORD in the environmental file. If server allows it, client will run unauthenticated
Explanation: Client security code is connecting to a server which prefers UserID/Password but there is no REM_USERID or REM_PASSWORD in the client's environmental file. If permited, client will run unauthenticated.
Action: Check the environmental file for these variables
BBOS0102WA verify for a MVS userid/password pair failed for userid string SAF code = dstring, RACF ret code = dstring, RACF rsn code = dstring.
Explanation: A customer Application needed to verify a MVS user password combination. Their call to SAF failed because the ID or password was invalid.
Action: Find return code and reason codes defined in OS/390 V2R4 Security Server (RACF) Callable Services or later documentation.
BBOS0103EMSG_BBOSENUS_SEC_EJBROLES_CHECK_FAILED: The requested EJBROLESAUTHCHECK(RACROUTE) function User string not permitted to method string via Allowed roles (string.)
Explanation: EJB container called isClientInRole. The ID on the current thread did not have read access to any of the EJB Roles listed.
Action: If this ID should have access change the SAF permisions. Otherwise, this is a normal denial of service.
BBOS0104EMSG_BBOSENUS_SEC_UNABLE_TO_PERFORM_EJBROLES_CHECK: SAF Ret Code (hex) : hstring The requested FASTAUTHCHECK(RACROUTE) function could not be performed for Role Name string and Class Name string
Explanation: SAF Return Code reported by Security Manager - The requested METHAUTHCHECK (RACROUTE) function could not be . performed. Use the SAF Return Code in conjunction with the reported RACF Return Code to determine the cause of the problem. This SAF Return Code can have several different associated RACF Return Codes that further define the problem.
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0105EMSG_BBOSENUS_SEC_REQUESTED_EJBROLES_CHECK_FUNCTION_FAILED: SAF Return Code (hex) : hstring The requested FASTAUTHCHECK function failed and could not be performed for UserID string using Role Name string and Class Name string
Explanation: SAF Return Code reported by Security Manager - the requested METHAUTHCHECK (RACROUTE) function failed. Use the SAF Return Code in conjunction with the reported RACF Return Code to determine the cause of the problem. Some RACF Return Codes can have several different associated RACF Reason Codes that further define the problem. Use the SAF Return Code in conjunction with the reported RACF Return Code and RACF Reason Code to determine the cause of the problem.
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0106EMSG_BBOSENUS_SEC_EJBROLES_CHECK_RELEASE_PARAMETER_ERRO: SAF Return Code (hex) : hstring FASTAUTHCHECK Release parameter error for Role Name string and Class Name string
Explanation: SAF Return Code reported by Security Manager. This error indicates that the CHECK subparameter of the RELEASE keyword was specified on the execute form of the RACROUTE REQUEST=FASTAUTH macro, however, the list form of the macro does not have the same RELEASE parameter. Macro processing terminates.
Action: Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0107ECredential handling function string failed.
Explanation: An attempt to get or set a user credential failed.
Action: For further information on resolving this error, consult the IBM WebSphere Application Server for z/OS Support website at: http:www-3.ibm.com/software/webservers/appserv/zos_os390/support.html This site provides searchable databases of technotes, solutions, and e-fixes. Information on contacting the WebSphere Support team is also provided.
BBOS0108ECredential handling function string failed in Routine string with SAF Return Code (hex): hstring, RACF Return Code (hex): hstring, and RACF Reason Code (hex): hstring.
Explanation: SAF Return Code reported by Security Manager - The requested function failed. Use the routine name and SAF Return Code in conjunction with the reported RACF Return Code to determine the cause of the problem. Some RACF Return Codes can have several different associated RACF Reason Codes that further define the problem. Use the SAF Return Code in conjunction with the reported RACF Return Code and RACF Reason Code to determine the cause of the problem.
Action: Correct any problems with the definitions of users or EJBROLE profiles. Ensure the EJBROLE class is active. Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0109ECredential handling function string failed in Routine string with returnCode (hex): hstring, SAF Return Code (hex): hstring, RACF Return Code (hex): hstring, and RACF Reason Code (hex): hstring. Check that class EJBROLE has defined a valid APPLDATA.
Explanation: The requested function failed. Use the routine name and SAF Return Code in conjunction with the reported RACF Return Code to determine the cause of the problem. Some RACF Return Codes can have several different associated RACF Reason Codes that further define the problem. Use the SAF Return Code in conjunction with the reported RACF Return Code and RACF Reason Code to determine the cause of the problem.
Action: If the return code is 8 and all the other ones are 0's, ensure that the EJBROLE class has defined a valid APPLDATA. Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0110WMSGINDEX_BBOUENUS_ROLE_IS_NOT_DEFINED_TO_CLASS_EJBROLE: SAF Ret Code (hex) : hstring and returnCode: hstring indicate that Role Name string is not defined to Class Name string, which is active
Explanation: SAF Return Code reported by Security Manager - the requested STATUS check on class EJBROLE returned true but it indicates that the role name provided is not defined to this class.
Action: Make sure that the role name is RDEFINE to this class. Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0111EUTOKEN handling function string failed in request string with SAF Return Code (hex): hstring, RACF Return Code (hex): hstring, and RACF Reason Code (hex): hstring.
Explanation: The SAF Return Code was reported by Security Manager - the requested RACROUTE request failed. Use the request name and SAF Return Code in conjunction with the reported RACF Return Code to determine the cause of the problem. Some RACF Return Codes can have several different associated RACF Reason Codes that further define the problem.
Action: If a RACROUTE request regarding UTOKENs fails, there is probably a problem with the Security Manager. Contact your next level of support or the IBM Support Center. Reference the OS/390 V2Rx.0 Security Server RACROUTE Macro Reference Document Number: GC28-1922-0y
BBOS0112ECredential handling function string failed in USS callable service string with Return Value (hex): hstring, Return Code (hex): hstring, and Reason Code (hex): hstring.
Explanation: USS Return Value reported by Security Manager - the requested function failed. Use the routine name and USS Return Value in conjunction with the reported USS Return Code to determine the cause of the problem. Some USS Return Codes can have several different associated USS Reason Codes that further define the problem. Use the USS Return Value in conjunction with the reported USS Return Code and USS Reason Code to determine the cause of the problem.
Action: Find return value, return code, and reason codes defined in OS/390 USS Callable Services or later documentation.
BBOS0113WMSGINDEX_BBOUENUS_CTXRDTA_RRS_GET_IDENTITY_ERROR: CTXRDTA Return Code (hex) : hstring indicates that an error was encountered when attempting to obtain the current identity on the current RRS context.
Explanation: CTXRDTA Return Code reported by Security Manager - the request to obtain the current identity on the RRS context encountered an error.
Action: Reference the OS/390 V2R10 of OS/390 (5647-A01) or later MVS Programming: Resource Recovery Document Number: GC28-1739-08 or later
BBOS0114IPrincipal or service name is too long for audit.
Explanation: Either the service name or principal name for a user is too long for audit by the external security manager. The limit is 255 characters. Processing continues, but the principal name from the original registry is not included in audit records.
Action: None.
BBOS0115IWebSphere security has detected that the default RACF realm has not been defined to RACF.
Explanation: The server was not able to obtain the RACF default realm name. This definition is required for this version of z/OS WebSphere. The Daemon IP Name will be used instead.
Action: In this case the profile for the default realm has been defined but the appldata has been omitted. Contact your system security administrator to define the default realm using the RACF command RALTER REALM SAFDFLT APPLDATA('racf.realm.name') .
BBOS0116IWebSphere security has detected that the default RACF realm could not be obtained from RACF.
Explanation: The server was not able to obtain the RACF default realm name. This definition is required for this version of z/OS WebSphere. The Daemon IP Name will be used instead.
Action: Contact your system security administrator to define the default realm using the RACF command RALTER REALM SAFDFLT APPLDATA('racf.realm.name') .
BBOS0117IWebSphere security has detected that the default RACF realm could not be obtained from RACF. A RACF call to obtain the system default realm failed with RETURN CODE=hstring,
Explanation: The server was not able to obtain the RACF default realm name. This definition is required for this version of z/OS WebSphere. The Daemon IP Name will be used instead.
Action: Examine the error codes that were returned and take the appropriate corrective actions. The server must be stopped and restarted to pick up any changes. The meanings for the return codes contained in the message can be found in the z/OS SecureWay Security Server RACF External Security Interface (RACROUTE) Macro Reference under the RACROUTE REQUEST=EXtrACT section.
BBOS0118EA CSI GSSUP authentication request failed with a string exception, and a minor code of hstring.
Explanation: A WebSphere client was unable to complete a CSI GSSUP authentication sequence with a server.
Action: Take appropriate actions based on the exception reported in the message and try the operation again.
BBOS0119EA CSI GSSUP authentication request failed with a Context Error. Major Status: dstring Minor Status: dstring Context Error: string
Explanation: A WebSphere client was unable to complete a CSI GSSUP authentication sequence with a server. The server returned an error on the request.
Action: Verify the userid and password configured on the client is valid at the target system.
BBOS0120ICSIv2 z/OS GSSUP security has been configured but will not be used because SSL services are not available.
Explanation: The server was not able to support the configured security method because it required SSL services which were not available. The server continues to operate but CSIv2 z/OS GSSUP security will not be supported.
Action: Examine the logs for the reason(s) that SSL was not available, and take the appropriate corrective actions. The server must be stopped and restarted to pick up any changes.
BBOS0121ICSIv2 Kerberos GSSAPI security has been configured but will not be used because SSL services are not available.
Explanation: The server was not able to support the configured security method because it required SSL services which were not available. The server continues to operate but CSIv2 Kerberos GSSAPI security will not be supported.
Action: Examine the logs for the reason(s) that SSL was not available, and take the appropriate corrective actions. The server must be stopped and restarted to pick up any changes.
BBOS0122ICSIv2 z/OS GSSUP security has been configured but will not be used because the default RACF realm could not be converted to UTF8. An iconv_open failed with errno dstring.
Explanation: The server was not able to support the configured security method because it could not convert the RACF default realm name to its UTF8 representation. A call to iconv_open failed with the returned errno. The server continues to operate but CSIv2 z/OS GSSUP security will not be supported.
Action: Examine the errno that was returned and take the appropriate corrective actions. The server must be stopped and restarted to pick up any changes.
BBOS0123ICSIv2 z/OS GSSUP security has been configured but will not be used because the default RACF realm could not be converted to UTF8. An iconv failed with errno dstring.
Explanation: The server was not able to support the configured security method because it could not convert the RACF default realm name to its UTF8 representation. A call to iconv failed with the returned errno. The server continues to operate but CSIv2 z/OS GSSUP security will not be supported.
Action: Examine the errno that was returned and take the appropriate corrective actions. The server must be stopped and restarted to pick up any changes.
BBOS0124ICSIv2 Kerberos GSSAPI security has been configured but will not be used because the default Kerberos realm exceeds its maximum length. The default realm is string, with a length of dstring .
Explanation: The server was not able to support the configured security method because the default Kerberos realm name exceeds its maximum length. The server continues to operate but CSIv2 Kerberos security will not be supported.
Action: Examine the realm name and length that were returned and take the appropriate corrective actions. The maximum length of the realm is 255. The server must be stopped and restarted to pick up any changes.
BBOS0125ICSIv2 Kerberos GSSAPI security has been configured but will not be used because the server's Kerberos principal name exceeds its maximum length.
Explanation: The server was not able to support the configured security method because the server's Kerberos principal name exceeds its maximum length. The server continues to operate but CSIv2 Kerberos security will not be supported.
Action: The maximum length of a server's Kerberos principal name is 1024. The server must be stopped and restarted to pick up any changes. MSGINDEX_BBOUENUS_CSIV2_KRBGSS_CONF_NO_REQ_KRB
BBOS0126ICSIv2 Kerberos GSSAPI security has been configured but will not be used because Kerberos services are not available.
Explanation: The server was not able to support the configured security method because it required Kerberos services which were not available. The server continues to operate but CSIv2 Kerberos GSSAPI security will not be supported.
Action: Examine the logs for the reason(s) that Kerberos was not available, and take the appropriate corrective actions. The server must be stopped and restarted to pick up any changes.
BBOS0127ICSIv2 GSSUP security has been configured but will not be used because the security realm name is not available.
Explanation: The server was not able to support the configured security method because it requires the default RACF realm to be defined. The server continues to operate but CSIv2 GSSUP security will not be supported.
Action: Examine the logs for the reason(s) that the default RACF realm could not be found, and take the appropriate corrective actions. The server must be stopped and restarted to pick up any changes.
BBOS0128WMultiple SSL keyring names were specified. Keyring string was chosen
Explanation: System SSL supports only a single keyring. Multiple keyring names were specified during configuration, specifically for com_ibm_HTTP_claimKeyringName and com_ibm_CSI_claimKeyringName and com_ibm_CSI_performKeyringName. The system has chosen the keyring named in the message and continues. Websphere tries to use them in the order listed above, looking for the first none-null value
Action: Examine the SSL keyring names specified during configuration and make them all the same
BBOS0129ESSL is required, but no keyring names have been specified
Explanation: Websphere has determined that SSL is needed, but the keyring configuration variables are all null. The variables that are used are com_ibm_HTTP_claimKeyringName and com_ibm_CSI_claimKeyringName and com_ibm_CSI_performKeyringName. At least one of these must contain a valid keyring name.
Action: set a keyring variable to a valid keyring name. MSGINDEX_BBOUENUS_RUNAS_ENABLE_trUSTED_APPS_NOT_SET 7704A
BBOS0130ECredential handling function string failed because EnabletrustedApplications is set to false.
Explanation: The requested function failed because global security is enabled and EnabletrustedApplications is set to false.
Action: This message occurs if global security is enabled and the registry is LocalOS (SAF), and option EnabletrustedApplications is set to false. To correct this, disable security, reconfigure security with EnabletrustedApplications set to true, then enable security. EnabletrustedApplications is found in the admin. console under Global Security -> Custom Properties.
Reference topic    

Terms of Use | Feedback

Last updated: September 28, 2010
http://publib.boulder.ibm.com/infocenter/wasinfo/v7r0/index.jsp?topic=/com.ibm.websphere.messages.doc/bbos02_v70.html

© Copyright IBM Corporation 2006, 2010. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)