Authentication problems after installing Microsoft® Internet Explorer critical update fix MS04-004

Technote (FAQ)
Problem
After applying Microsoft critical update MS04-004 to Internet Explorer, you might experience various failures that seem related to WebSphereŽ security. These failure symptoms can appear as login or authentication problems during login to the WebSphere Application Server Administrative Console or during login to WebSphere applications.

Symptoms observed include the following:

- Secure application login fails initially, but after three to six failures, the login works.

- Initial attempts to log on to the Administrative Console fail. However, if the browser is left open with the login screen displayed for several minutes, login succeeds.

- Unexpected "HTTP 500 Internal server" error

- "HttpRequest getHeader" response with content length of zero in a HTTP transport trace

- Error "FormLoginServ d username and/or password are not present" in a security trace

- Error message "SECJ0305I: Role based authorization check failed for security name <null>, accessId NO_CRED_NO_ACCESS_ID while invoking method getName on resource Server and module Server"
Cause
The problem is explained in Microsoft Knowledge Base article 831167 (KB831167). The Microsoft security fix MS04-004 contains a patch that causes this problem. KB831167 indicates that hotfix Q832814 can also cause this problem. If you have applied either fix, the fix numbers display in the Update Versions list in Internet Explorer. To see this list, click Help > About Internet Explorer, and look for either Q832894 or Q821814.
Solution
If either Q832894 or Q821814 is applied to the Internet Explorer, install the recommended Microsoft fix for this problem. Currently the problem is described in KB831167 and fix Q831167 is provided. Once fix Q831167 is installed, it will display in the Update Versions list within Internet Explorer.

Here is the link to article KB831167












Document Information

Product categories: Software, Application Servers, Distributed Application & Web Servers, WebSphere Application Server, Security
Operating system(s): Windows 2000, Windows NT, Windows Server 2003, Windows XP
Software version: 3.5, 4.0, 5.0, 5.1, 6.0
Software edition: Edition Independent
Reference #: 1163290
IBM Group: Software Group
Modified date: 2004-03-15