PQ55567: AUTHENTICATION FAILED WHEN TRYING TO ACCESS SECURED STATIC HTML FILES BEING SERVED BY WEB SERVER


APAR

APAR status
Closed as program error.

Error description
Environment:
WebSphere Application Server (WAS) 3.5.4 for AIX
   LDAP server
.
Description:Environment:WebSphere Application Server (WAS) 3.5.4 for AIXLDAP server.
The customer is having their web server serve static HTML pages via HTTPS and is securing the static HTML pages using WAS. When trying to access the static HTML pages via a web browser, authorization failed appears in the browser. Accessing servlets and pages being served by WAS don't have the problem.
Description:The customer is having their web server serve static HTMLpages via HTTPS and is securing the static HTML pages using WAS.When trying to access the static HTML pages via a web browser,authorization failed appears in the browser. Accessing servletsand pages being served by WAS don't have the problem.
Local fix
Have the static pages be served by the File Serving Servlet in
WAS instead of the web server.
Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server who use         *
*                 Certificate and WebSphere Security to        *
*                 secure static contents served by plugin.     *
****************************************************************
* PROBLEM DESCRIPTION: Static content served by the plugin     *
*                      is secured by WebSphere.  After the     *
*                      certificate is presented,               *
*                      authentication failure will occur.      *
****************************************************************
* RECOMMENDATION: Apply this efix, or use WebSphere to serve   *
*                 those static contents(instead of using       *
*                 plugin).                                     *
****************************************************************
If static content served by the plugin is secured by
WebSphere, the secured contents may not be able to be
accesssed.  After the certificate is presented to the server,
authentication failure occurs.
Problem conclusion
This problem was due to the use of an incorrect attribute name
javax.security.cert.X509Certificate
Temporary fix
PQ55567-v353.jar PQ55567-v354.jar PQ55567-v355.jar
Comments
APAR information
APAR numberPQ55567
Reported component nameWAS ADVANCED AI
Reported component ID5648C8400
Reported release350
StatusCLOSED PER
PENoPE
HIPERNoHIPER
Submitted date2001-12-06
Closed date2001-12-13
Last modified date2001-12-17

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:APAR is sysrouted FROM one or more of the following:


Modules/Macros
SECURITY
APAR is sysrouted TO one or more of the following:Modules/Macros

Fix information
Fixed component nameWAS ADVANCED AI
Fixed component ID5648C8400

Applicable component levels
R350 PSYUP











Document Information

Product categories: Software, Application Servers, Distributed Application & Web Servers, WebSphere Application Server, General
Software version: 350
Reference #: PQ55567
IBM Group: Software Group
Modified date: 2001-12-17