PQ70879: USER SPECIFIC COOKIES ARE BEING SERVED TO OTHER USERS FROM THE CACHE.

 Fixes are available

5.0.1: WebSphere Application Server Version 5.0 Fix Pack 1 (Version 5.0.1)
5.0.1: WebSphere Application Server Enterprise Edition Version 5.0 Fix Pack 1



APAR status
Closed as program error.

Error description
User specific cookies being served to other users form the
cache.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server developers who  *
*                 store user specific information in HTTP      *
*                 cookies                                      *
****************************************************************
* PROBLEM DESCRIPTION: User specific cookies stored in cache   *
*                      and being served to other users by      *
*                      mistake                                 *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
Of the various pieces of data cached by Dynacache, one of
them is the application cookies. If the application is using
the cookies to store user specific information (identity or
session information), then those cached cookies can be
accidently served to other users. There needs to be a way to
stop those cookies from being cached.
Problem conclusion
In the cachespec.xml configuration file, cookie caching can
be enabled or disabled through the "store-cookies" property.
Temporary fix
PQ70879_eFix.jar
Comments
APAR information
APAR number PQ70879
Reported component name WAS BASE 5.0
Reported component ID 5630A3600
Reported release 00W
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Special Attention NoSpecatt
Submitted date 2003-02-11
Closed date 2003-02-27
Last modified date 2003-02-27

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros
CACHEMGT          

Publications Referenced

Fix information
Fixed component name WAS BASE 5.0
Fixed component ID 5630A3600

Applicable component levels
R003 PSY    UP
R00A PSY    UP
R00H PSY    UP
R00I PSY    UP
R00S PSY    UP
R00W PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 00W
Software edition:
Reference #: PQ70879
IBM Group: Software Group
Modified date: Feb 27, 2003