CA Top SecretCA Top Secret - LDAPCA Web Administrator for Top Secret
What will happen to a user configured to use passphrase accesses functions that generates a temporary passticket? Will it affect user’s overall passphrase authentication?
For example when a user accesses one of our applications a passticket is generated - followed by CICS Signon with generated temporary passticket. There is no user intervention. 1. Is the passticket 8 bytes or does it matter? 2. With a passphrase will the passticket generation need to change (to be longer) or with the passticket satisfy authentication of a passphrase?
Release : 16.0
Component : CA Top Secret for z/OS
Questons: 1. Is the passticket 8 bytes or does it matter? Answer: Passtickets are generated by IBM RACF callable service r_gensec or r_ticketserv, so it decides the length. 2. With a passphrase will the passticket generation need to change (to be longer) or with the passticket satisfy authentication of a passphrase? Answer: No, the passphrase will not need to change or be made longer. During signon, TSS checks to see if its a password/passphrase or passticket. He will first try signon with a passphrase/password. If the passphrase/password doesnt match, he will then try to validate the passticket. If the passtickets validation is successful, then the signon will complete. If not, the signon will fail.