PQ72443: PROBLEM WITH JSSE: WAS/LDAP SYSTEM HANGS DURING USER AUTHENTICATION USING SSL

 A fix is available

WebSphere Application Server_Security_JSSE_cumulative_Fix for V 5.0



APAR status
Closed as program error.

Error description
.
Environment:
   WebSphere Application Server (WAS) 4.0.3 AE for AIX
   iPlanet Directory (LDAP) Server 5.1
.
Problem:
   When customer has enabled WAS security with LDAP server via
SSL, entering a valid username and an invalid password
causes login to hang. Problem occurs only when using SSL. JSSE
to be fixed for resolving issue.
Local fix
Level 3 to update
Problem summary
****************************************************************
* USERS AFFECTED: All WebSphere Application Server users who   *
*                 have enabled security and have configured    *
*                 LDAP for the user registry and have          *
*                 configured SSL between LDAP and WebSphere.   *
****************************************************************
* PROBLEM DESCRIPTION: System hangs if a bad user ID and       *
*                      password are supplied.                  *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
WebSphere hangs waiting for JNDI to return if a bad user ID and
password are supplied.  The problem only occurs against certain
LDAP servers and only if SSL is configured.
Known LDAP servers susceptible to the problem are:
iPlanet
MS Active Directory
Note, the problem is not within the LDAP server.
Problem conclusion
The problem was isolated to the IBM JSSE implementation and
has been resolved in this package.  A JSSE containing the
necessary code changes is now packaged with WebSphere.
Temporary fix
A new JSSE jar was made available for testing.
Comments
APAR information
APAR number PQ72443
Reported component name WEBSPHERE AE AI
Reported component ID 5630A3600
Reported release 00A
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Special Attention NoSpecatt
Submitted date 2003-03-25
Closed date 2003-03-25
Last modified date 2003-03-25

APAR is sysrouted FROM one or more of the following:
PQ70127

APAR is sysrouted TO one or more of the following:

Modules/Macros

Publications Referenced

Fix information
Fixed component name WEBSPHERE AE AI
Fixed component ID 5630A3600

Applicable component levels
R003 PSY    UP
R00A PSY    UP
R00H PSY    UP
R00I PSY    UP
R00S PSY    UP
R00W PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 00A
Software edition:
Reference #: PQ72443
IBM Group: Software Group
Modified date: Mar 25, 2003