APAR status |
Closed as program error.
| Error description
Expired Credentials on a Session repeated gives out the
following error message in the tracefile. No visibile effect on
funtionality observed.
.
PrincipalAuthenticatorImpl validate IBM WebSphere Security 0,
0, com.ibm.WebSphereSecurity.ValidationFailedException
.
Change in the LTPA Credential timeout changes the time it takes
for the cred to timeout. Local fix
fix does not do a relogin but it does remove the security
session on the client side for the expired credential so that
it could relogin if the userid/password credentials are made
available (either via cache or login). Problem summary
****************************************************************
* USERS AFFECTED: All WebSphere Application Server 3.5 users *
* of security. *
****************************************************************
* PROBLEM DESCRIPTION: Expired credential on session does not *
* get clean up on the client. *
****************************************************************
* RECOMMENDATION: *
****************************************************************
When the LTPA token expired on the client session, server
throws validation failed exception when client makes
a request to the server. However, server does not throw back
the failure reason back along with the exception. This causes
client to not refresh the LTPA token and fails all of the
subsequent requests. Problem conclusion
Server now throws back the correct exception message and
the client will update the session accordingly. Temporary fix
Available Comments
APAR information | APAR number | PQ51887 | Reported component name | WAS ADVANCED SU | Reported component ID | 5648C8402 | Reported release | 350 | Status | CLOSED PER | PE | NoPE | HIPER | NoHIPER | Submitted date | 2001-08-28 | Closed date | 2002-01-30 | Last modified date | 2002-01-30 |
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:APAR is sysrouted FROM one or more of the following:
Modules/Macros APAR is sysrouted TO one or more of the following:Modules/Macros
|
Fix information |
Fixed component name | WAS ADVANCED SU | Fixed component ID | 5648C8402 |
Applicable component levels | R350 PSY | UP |
|