CA TPX Session Management for z/OS

Handling of Passwords in SECDEBG Security Trace

  • 1.  Handling of Passwords in SECDEBG Security Trace

    Posted 01-28-2016 05:28 AM

    If CA Support may request you to create and provide a security trace for TPX you will use our SECDEBG tool (How you can start that trace is explained in detail in our technical document TEC509062, available here: http://www.ca.com/us/support/ca-support-online/product-content/knowledgebase-articles/tec509062.aspx). When using this tool, take care about the passwords.
    After you started SECDEBG you will see this panel

     

    TENSECDB                TPX Enhanced Security Debugging 

    Overtype appropriate data, then press F9.
    Debugging parameters                                   

      Turn on Security Trace . . . . . . . N      (Y/N)
      Decrypt Passwords in Trace . . . . . N      (Y/N)     

      Trace Maximum Output . . . . . . . . N      (Y/N)     

      Initial Trace Output Done  . . . . . N      (Y/N)

     

    Regardless of the settings for the other parameters, if you leave "Trace Maximum Output" to 'N' then the block XDATA which contains the password is neither created nor written into the trace output:

     

    XDATA     @ 0027B0C0                                         
    0000   7DD3C311 50E3A4A2 85999381 948511D1   'LC.&Tusername.J
    0010   F39781A2 A2A69699 8411D3C3 40404040   3password.LC   
    0020   40404040 11D4D340 40404040 40404011       .ML        .
    0030   D5E34040 4040                         NT