APAR status |
Closed as program error.
| Error description
Environment:
WebSphere Application Server 3.5.6 AE
.
Description:Environment:WebSphere Application Server 3.5.6 AE.
Steps to recreate problem:Description:
.
1. WAS 3.5.6 AE is already configured with security enabled
using LTPA and connecting to a SecureWay LDAP server. He
opened the admin console and then the "Configure Global
Security Settings" wizard. Then he went to the User Registry
tab and clicked on the Advanced button next to the Directory
Type field.
.
2. The LDAP Advanced Properties window appeared. He then
modified any of User or Group filters or ID Maps (which are
valid for the LDAP server), and he clicked OK to accept the
changes and close the Window. He then clicked on the Finish
button in the Set Global Security Wizard window to accept the
changes and close that window (clicking OK after the dialog box
stating that the changes won't take place until WAS is
restarted).
.
3. He then chose the "Configure Global Security Settings" wizard
again to open the Set Global Security Wizard window again
without restarting WAS first, and he just clicks on the Finish
button.
.
4. When opening the "Configure Global Security Settings" wizard
a third time and going all the way the LDAP Advanced Properties
window, you will see that the changes made in step 2 have been
reverted back to the original settings. This shouldn't be
happening at all. Steps to recreate problem:.1. WAS 3.5.6 AE is already configured with security enabledusing LTPA and connecting to a SecureWay LDAP server. Heopened the admin console and then the "Configure GlobalSecurity Settings" wizard. Then he went to the User Registrytab and clicked on the Advanced button next to the DirectoryType field..2. The LDAP Advanced Properties window appeared. He thenmodified any of User or Group filters or ID Maps (which arevalid for the LDAP server), and he clicked OK to accept thechanges and close the Window. He then clicked on the Finishbutton in the Set Global Security Wizard window to accept thechanges and close that window (clicking OK after the dialog boxstating that the changes won't take place until WAS isrestarted)..3. He then chose the "Configure Global Security Settings" wizardagain to open the Set Global Security Wizard window againwithout restarting WAS first, and he just clicks on the Finishbutton..4. When opening the "Configure Global Security Settings" wizarda third time and going all the way the LDAP Advanced Propertieswindow, you will see that the changes made in step 2 have beenreverted back to the original settings. This shouldn't behappening at all. Local fixProblem summary
****************************************************************
* USERS AFFECTED: For WebSphere Application Server 3.5 users *
****************************************************************
* PROBLEM DESCRIPTION: Not restarting WAS after enabling *
* security and then clicking *
* finish again, the Global Security *
* loses security settings. *
* *
****************************************************************
* RECOMMENDATION: *
****************************************************************
The problem is reproducible in any WAS 3.5. Once the user
makes changes to the LDAP Advanced properties to be the custom
LDAP, the user registry properties will be replaced with the
default LDAP properties (it happens to be NetScape) if the
user then changes any settings in the User Registry panel
without changing the Advanced settings. The previous change in
the Advanced properties would be lost and replaced with the
default NetScape LDAP properties.
The steps to reproduce the problem:
1. WAS 3.5.6 AE is already configured with security enabled
using LTPA and connecting to a SecurityWay LDAP server. Opened
the admin console and then the "Configure Global Security
Settings" wizard. Then went to the User Registry tab and
clicked on the Advanced button next to the Directory Type field.
2. The LDAP Advanced Properties window appeared. Then modified
any of User or Group filters or ID Maps and clicked OK to accept
the changes and close the Window. Then clicked on the Finish
button in the Set Global Security Wizard window to accept the
changes and close that window (clicking OK after the dialog
box stating that the changes won't take effect util WAS is
restarted).
3. Then close the "Configure Global Security Settings" wizard
again to open the Set Global Security Wizard window again
without restarting WAS first, and just click the Finish button.
4. When opening the "Configure Global Security Settings" wizard
a third time and going all the way to the LDAP Advanced
properties window, you will see that the changes made in step 2
have been reverted back to the original settings. This
shouldn't be happening at all. The steps to reproduce the problem:1. WAS 3.5.6 AE is already configured with security enabledusing LTPA and connecting to a SecurityWay LDAP server. Openedthe admin console and then the "Configure Global SecuritySettings" wizard. Then went to the User Registry tab andclicked on the Advanced button next to the Directory Type field.2. The LDAP Advanced Properties window appeared. Then modifiedany of User or Group filters or ID Maps and clicked OK to acceptthe changes and close the Window. Then clicked on the Finishbutton in the Set Global Security Wizard window to accept thechanges and close that window (clicking OK after the dialogbox stating that the changes won't take effect util WAS isrestarted).3. Then close the "Configure Global Security Settings" wizardagain to open the Set Global Security Wizard window againwithout restarting WAS first, and just click the Finish button.4. When opening the "Configure Global Security Settings" wizarda third time and going all the way to the LDAP Advancedproperties window, you will see that the changes made in step 2have been reverted back to the original settings. Thisshouldn't be happening at all. Problem conclusion
The AdminGUI codes including
GlobalSecuritySettingsSmartGuide.java and
LDAPUserRegistryPanel.java were modified to load advanced LDAP
properties from repository instead of loading default LDAP
(NetScape) properties if users update the Global Security
Config setting without opening Advanced LDAP properties panel. Temporary fixComments
APAR information | APAR number | PQ69702 | Reported component name | WAS ADVANCED AI | Reported component ID | 5648C8400 | Reported release | 350 | Status | CLOSED PER | PE | NoPE | HIPER | NoHIPER | Submitted date | 2003-01-09 | Closed date | 2003-01-21 | Last modified date | 2003-01-21 |
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:APAR is sysrouted FROM one or more of the following:
Modules/Macros APAR is sysrouted TO one or more of the following:Modules/Macros
|
Fix information |
Fixed component name | WAS ADVANCED AI | Fixed component ID | 5648C8400 |
Applicable component levels | R350 PSY | UP |
|