PQ74405: workaround for search() method | |||||||||||||||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description Fixing the search() method due to what jndi method is returning.Local fix search()Problem summary **************************************************************** * USERS AFFECTED: WebSphere Application Server security * * users who have Distinguished Names (DNs) * * containing the character '#' on their * * LDAP server. * **************************************************************** * PROBLEM DESCRIPTION: If a DN contains the special character * * #, the user may not be authenticated or * * authorized properly. * **************************************************************** * RECOMMENDATION: * **************************************************************** If a LDAP entry DN contains the special character '#', a JNDI search does not return relative name, it returns LDAP URL. WebSphere still treats the return value as relative name. Also, if an attribute value in DN starts with '#', the '#' should be escaped.Problem conclusion WebSphere will now parse LDAP SearchResult accordingly, either as a relative name or aLDAP URL, and generate a correct DN for the entry. WebSphere also will escape '#' characters if the '#' occurs at the beginging of a String attribute value.Temporary fix provide test fix.Comments
APAR is sysrouted FROM one or more of the following: PQ71416 APAR is sysrouted TO one or more of the following: Modules/Macros
Publications Referenced
|
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server > General
Operating system(s):
Software version: 00W
Software edition:
Reference #: PQ74405
IBM Group: Software Group
Modified date: May 21, 2003
(C) Copyright IBM Corporation 2000, 2008. All Rights Reserved.