APAR status
Closed as program error.
Error description
WebAuthenticator TAI logic passes the web attributes realm into
the login, not the WSAS registry realm. The realm used is
always the registry realm. This results in many accesses to
LDAP during a single /myportal request.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server users who have *
* enabled security and configured Trust *
* Association. *
****************************************************************
* PROBLEM DESCRIPTION: Security performance degrades *
* when using Trust Association. *
****************************************************************
* RECOMMENDATION: *
****************************************************************
Trust Association logic passed an incorrect realm into the
login. This can cause cache logic to miss when looking up a
subject which can result in extra remote calls or queries if
using a remote registry such as an LDAP registry.
Problem conclusion
The correct realm is now used.
Temporary fix
design and code review
Comments
APAR information |
APAR number |
PQ85946 |
Reported component name |
WAS BASE 5.0 |
Reported component ID |
5630A3600 |
Reported release |
00W |
Status |
CLOSED PER |
PE |
NoPE |
HIPER |
NoHIPER |
Special Attention |
NoSpecatt |
Submitted date |
2004-03-11 |
Closed date |
2004-05-11 |
Last modified date |
2004-05-11 |
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Modules/Macros
Publications Referenced
Applicable component levels |
R003 PSY |
UP |
R00A PSY |
UP |
R00H PSY |
UP |
R00I PSY |
UP |
R00P PSY |
UP |
R00S PSY |
UP |
R00W PSY |
UP |
R103 PSY |
UP |
R10A PSY |
UP |
R10H PSY |
UP |
R10I PSY |
UP |
R10P PSY |
UP |
R10S PSY |
UP |
R10W PSY |
UP |
|