When running CA JCLCheck WA in ISPF with the SECURITY and USER(secid) options activated, the error message "CAY6321W POTENTIAL SECURITY VIOLATION DETECTED 'USER SIGNON'" is produced. This error is not produced when running CA JCLCheck WA in batch mode. The security environment is CA Top Secret.
The security ID submitted to CA JCLCheck WA for security prevalidation must have proper TSO access authority defined to CA Top Secret. Without the proper TSO access authority, CA JCLCheck WA is unable to perform a virtual signon and issues the above error message.
If a virtual signon is completed successfully, CA JCLCheck WA issues the following informational message: "CAY6320I USER 'secid' VIRTUAL SIGNON TO CAISSF COMPLETE".
Recommended Reading:
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-mainframe-software/automation/ca-jclcheck-workload-automation/12-0/building/special-usage-considerations/security-prevalidation.html