PQ59667: AUTHORIZATION FAILS WITH AN EXTERNALLY CREATED LTPA TOKEN.

A fix is available
WebSphere Application Server Version 3.5 Fix Pack 7 (3.5.7)

APAR

APAR status
Closed as program error.

Error description
uthorization fails with externally created LTPA Tokens if the
access ID string does not match exactly with the ID stored in
the WAS authorization tables.
Local fix
Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server users using     *
*                 security and Single Sign On.                 *
****************************************************************
* PROBLEM DESCRIPTION: Authorization fails with externally     *
*                      created LTPA Token.                     *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
Authorization fails for externally created Ltpa Token due to
an extra space between Relative Disinguished Name and the Base
Distinguished Name required by WebSphere security. This is a
result of WebSphere using exact name matching.
Problem conclusion
The name used for authorizations is now created internally by
WebSphere so the format of the name is consistent with the
name stored in the authorization table including the space
between the Relative Distinguished Name and Base
Distinguished Name.
Temporary fix
PQ59667-3.5.4-3.5.5-3.5.6-test.jar
Comments
Supplied fix to create access ID from internal registry calls
instead of the ID from the externally created LTPA token.
APAR information
APAR numberPQ59667
Reported component nameWAS ADVANCED AI
Reported component ID5648C8400
Reported release350
StatusCLOSED PER
PENoPE
HIPERNoHIPER
Submitted date2002-04-02
Closed date2002-05-30
Last modified date2002-05-30

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:APAR is sysrouted FROM one or more of the following:

PQ61779

Modules/Macros
SECURITY
APAR is sysrouted TO one or more of the following:PQ61779Modules/Macros

Fix information
Fixed component nameWAS ADVANCED AI
Fixed component ID5648C8400

Applicable component levels
R350 PSYUP











Document Information

Product categories: Software, Application Servers, Distributed Application & Web Servers, WebSphere Application Server, General
Software version: 350
Reference #: PQ59667
IBM Group: Software Group
Modified date: 2002-05-30