APAR status
Closed as program error.
Error description
When authenticating a Run As user, the entry in the applications
web.xml is used to lookup the user in the security cache. If
the username in the web.xml and security cache do not match in
case, the lookup fails to find the user and does a lookup to the
LDAP server.
Local fix
Security cache lookups should not be case sensitive.
Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server who have *
* enabled global security. *
****************************************************************
* PROBLEM DESCRIPTION: The authentication cache is case *
* sensitive. This causes a cache miss *
* if a new login uses a name which does *
* not match the exact case of the name *
* used in the previous login. *
****************************************************************
* RECOMMENDATION: *
****************************************************************
Security authentication cache lookup is case sensitive. The
cache lookup key is defined by the user registry. If this
lookup key does not exactly match the name entered by the
user, a false cache miss will result.
Problem conclusion
The name entered by the user is now used as an additional
cache lookup key.
The fix for this APAR is currently targeted for inclusion in
fixpack 5.0.2.13 and 5.1.1.7. Please refer to the Recommended
Updates page for delivery dates:
http://www-1.ibm.com/support/docview.wss?rs=180&context=SSEQTP
&uid=swg27004980
Temporary fix
test fix provided
Comments
APAR information |
APAR number |
PK03541 |
Reported component name |
WAS BASE 5.0 |
Reported component ID |
5630A3600 |
Reported release |
10W |
Status |
CLOSED PER |
PE |
NoPE |
HIPER |
NoHIPER |
Special Attention |
NoSpecatt |
Submitted date |
2005-04-01 |
Closed date |
2005-08-02 |
Last modified date |
2005-08-02 |
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Modules/Macros
Publications Referenced
|
Fix information |
Fixed component name |
WAS BASE 5.0 |
Fixed component ID |
5630A3600 |
Applicable component levels |
R00A PSY |
UP |
R00H PSY |
UP |
R00I PSY |
UP |
R00P PSY |
UP |
R00S PSY |
UP |
R00W PSY |
UP |
R10A PSY |
UP |
R10H PSY |
UP |
R10I PSY |
UP |
R10P PSY |
UP |
R10S PSY |
UP |
R10W PSY |
UP |
|