APAR status |
Closed as program error.
| Error description
A blank page is displayed in the browser if the client does one
of the following things:
1. Enters wrong userid/password 3 times when prompted for
authentication
2. Cancels the challenge for authentication
When scenarios 1 or 2 happen, the code in
WebAppRequestDispatcher does not properly handlethe scenario
and it results in a blank page being displayed to the user of the following things:1. Enters wrong userid/password 3 times when prompted forauthentication2. Cancels the challenge for authenticationWhen scenarios 1 or 2 happen, the code inWebAppRequestDispatcher does not properly handlethe scenarioand it results in a blank page being displayed to the user Local fixProblem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server developers *
* enabling WebSphere Security. *
****************************************************************
* PROBLEM DESCRIPTION: With WebSphere Security enabled, *
* failed login requests result in a *
* blank page being displayed. *
****************************************************************
* RECOMMENDATION: *
****************************************************************
With WebSphere Security enabled and not using custom error
pages, a blank page is displayed when the user enters an
incorrect username/password or hits cancel when the challenge
dialog box is presented. The correct behavior is to forward
to the default error page instead of sending a no body
response to the client (ie blank page). Problem conclusion
Modified the handling of security related exceptions to
forward to the default error page when a login
attempt fails to authenticate and no custom error page
is defined for that HTTP return code. Temporary fix
//wasdoc0/apars/pq62024/3.5.6 Comments
APAR information | APAR number | PQ62024 | Reported component name | WAS ADVANCED AI | Reported component ID | 5648C8400 | Reported release | 350 | Status | CLOSED PER | PE | NoPE | HIPER | NoHIPER | Submitted date | 2002-06-07 | Closed date | 2002-06-17 | Last modified date | 2002-06-17 |
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:APAR is sysrouted FROM one or more of the following:
Modules/Macros APAR is sysrouted TO one or more of the following:Modules/Macros
|
Fix information |
Fixed component name | WAS ADVANCED AI | Fixed component ID | 5648C8400 |
Applicable component levels | R350 PSY | UP |
|