APAR status |
Closed as program error.
| Error description
Customer has a setup with WAS 3.5.3 where they use Trust
Association and users come via TA as well as without going
through it. Customer notices significant performance
degradation in the case when TA is not used. That seems to be
because customer uses certificate authentication and we do not
cache certificates. Local fixProblem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server security *
* users of client certificate authentication. *
****************************************************************
* PROBLEM DESCRIPTION: Ltpa Token cookie not returned for *
* client certificate authentication. *
****************************************************************
* RECOMMENDATION: This is a performance APAR. If you are *
* using client certificate, and you also *
* enable SSO, apply this eFix for better *
* performance. *
****************************************************************
While using client certificate authentication, if SSO is
enabled, Ltpa cookie is expected (could be verified from
browser). However, ltpa cookie was never returned. Whenever a
new request is made, the user is reauthenticated via the
user's certificate instead of being validated by an Ltpa
Token. The former operation requires user registry calls
which can be very time consuming where the latter does not. Problem conclusion
The expected Ltpa cookie is now returned for client
certificate authentication. Temporary fix
PQ59959-356.jar Comments
a testing eFix for 3.5.6 has been send to customer.
APAR information | APAR number | PQ59959 | Reported component name | WAS ADVANCED AI | Reported component ID | 5648C8400 | Reported release | 350 | Status | CLOSED PER | PE | NoPE | HIPER | NoHIPER | Submitted date | 2002-04-10 | Closed date | 2002-05-01 | Last modified date | 2002-05-29 |
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:APAR is sysrouted FROM one or more of the following:
PQ61723
Modules/Macros APAR is sysrouted TO one or more of the following:PQ61723Modules/Macros
|
Fix information |
Fixed component name | WAS ADVANCED AI | Fixed component ID | 5648C8400 |
Applicable component levels | R350 PSY | UP |
|