APAR status |
Closed with unknown close code.
| Error description
After going to a secured resource and authenticating the ltpa
token is allowed to expire. Trying to access the secured
resource causes user to reauthenticate, as expected. After
attempting to reauthenticate the browser shows an "invalid
credential" message. Local fix
Increase token timeout Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application server security *
* users with multiple secured application *
* servers. *
****************************************************************
* PROBLEM DESCRIPTION: After LTPA Token has expired, *
* re-authenticated users may not be able *
* to access EJBs on a different server. *
****************************************************************
* RECOMMENDATION: *
****************************************************************
Immediately after LTPA Token expired, re-authenticated users
may not be authenticated to access secured EJBs on a remote
application server even they can access servlets successfully. Problem conclusion
Authorization to access secured EJB is based on SAS sessions,
and sessions are mapped to credentials. The session id did
not include crdential expiration time, so an old session was
used even after a new credential was created if session is not
expired. With the fix, new session will be created with
new credential token. Temporary fix
provided test fix Comments
APAR information | APAR number | PQ72041 | Reported component name | WEBSPHERE AE SO | Reported component ID | 5648C8400 | Reported release | 350 | Status | CLOSED | PE | NoPE | HIPER | NoHIPER | Submitted date | 2003-03-13 | Closed date | 2003-03-13 | Last modified date | 2003-03-13 |
APAR is sysrouted FROM one or more of the following: PQ71397
APAR is sysrouted TO one or more of the following:APAR is sysrouted FROM one or more of the following:PQ71397
Modules/Macros APAR is sysrouted TO one or more of the following:Modules/Macros
|
Fix information |
Fixed component name | WEBSPHERE AE SO | Fixed component ID | 5648C8400 |
Applicable component levels | R350 PSY | UP |
|