(zos)Password case sensitivity using a local operating system registry
Knowing when a password is interpreted as case sensitive or not can directly affect how you use a local operating system registry. WebSphere Application Server exploits the mixed case password option for the Resource Access Control Facility (RACF ) and allows us to use case sensitive passwords.
Since z/OS Version 1.7, RACF supports the option of a mixed case password. You select this option for RACF using the SETROPTS PASSWORD(MIXEDCASE) command. To use case sensitive passwords in WebSphere Application Server for a local operating system registry, you must comply with all of the following requirements:
- Use z/OS Version 1.7 or higher.
To use the Liberty profile capabilities of z/OS, use Version 1.11 or later.
- Use the local operating system registry.
- Turn on the RACF mixed case option with the SETROPTS PASSWORD(MIXEDCASE) command.
Important: All three of these requirements must be met; otherwise, WebSphere Application Server password will not be sensitive to case.
If we use a Lightweight Directory Access Protocol (LDAP) configuration, we can use mixed case passwords.
For more information on the mixed case password feature in z/OS Version 1.7, see Z/OS V1R7.0 Security Server RACF Security Administrator's Guide. This guide is available under "Security Server and Integrated Security Services. Within the guide, see section 5.2.1.
There is an SDBM alternative setup for LDAP. For more information, see the topic SDBM authorization in the Tivoli Directory Server for z/OS section of the z/OS V1R11 information center.
Related concepts
Local operating system registries
Related tasks
Select a registry or repository Liberty profile: Controlling how roles are mapped to SAF Profiles Activating and configuring the SAF registry on z/OS
Related information:
Z/OS V1R7.0 Security Server RACF Security Administrator's Guide