PQ91656; 5.0.2.6: Registry does not receive valid password
 Downloadable files
 
Abstract
The user registry does not receive a valid password if it contains umlauts or other unrecognized characters.
 
Download Description
PQ91656 resolves the following problems:

USERS AFFECTED:
WebSphere® Application Server security users implementing custom login.

PROBLEM DESCRIPTION:
When using SSOAuthenticator to perform custom login, authentication fails if the user password contains characters other than those in the the platform code pages.

RECOMMENDATION:
When using SSOAuthenticator to perform custom login, if the user password contains characters not in the
platform code pages, authentication fails. The cause is that the platform code page is used to convert
the password into bytes.

PROBLEM CONCLUSION:
SSOAuthenticator now encodes password strings using UTF8 instead of default encoding.

Also contains PQ88519:

USERS AFFECTED:
WebSphere Application Server who have enabled security and are implementing Custom Login via the deprecated class SSOAuthenticator.

PROBLEM DESCRIPTION:
The WASReqURL cookie was not automatically removed when using SSOAuthenticator.

RECOMMENDATION:
The WASReqURL cookie was not removed while using SSOAuthenticator to perform custom login. The reason for this was no domain was specified on the cookie when it was created, but a domain was specified when destroying the cookie. This caused some browsers not to destroy the cookie.

PROBLEM CONCLUSION:
When destroying the WASReqURL cookie, the domain is no longer set to match when it is created.
 
Prerequisites
Please download the UpdateInstaller below to install this fix.
 
URL LANGUAGE SIZE(Bytes)
UpdateInstaller US English 7250000
 
 
Installation instructions
Please review the readme.txt for detailed installation instructions.
 
URL LANGUAGE SIZE(Bytes)
Readme US English 4674
 
Download package
What is DD?
DOWNLOAD RELEASE DATE LANGUAGE SIZE(Bytes) Download Options
PQ91656 11/16/2004 US English 6582 FTP DD
 
Technical support
1-800-IBM-SERV (U.S. Only)
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
Problems (APARs) fixed
PQ91656, PQ88519
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): Windows
Software version: 5.0.2.6
Software edition:
Reference #: 4008323
IBM Group: Software Group
Modified date: Nov 20, 2004