PQ91324: With apar PQ87017 customers may see intermittent loss of credentials for Web applications.

APAR status
Closed as program error.

Error description
The apar 
PQ87017 fixed for Portal is not completely correct.
Eventhough it fixed the memory growth problem,
customers might see intermittent problems in web
applications due to lost credentials.

Symptoms that are seen:
Sometimes when the valid users try to login to the AAAA
application they get the  "You are not authorized to view this
page"   error. The log shows that it is looking for the user in
the BBBB_Users role when it should have looked for the user in
the AAAA_Users role.

The message is:
SECJ0129E: Authorization failed for a_user while invoking GET on
default_host:/AAAA/login.do, Authorization failed, Not granted
any of the required roles: BBBB_User
Local fix
The final fix has been included in APAR 
PQ88445.
It is available in:
 5.1.0.5, 5.0.2.7, 5.1.1
Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server users who have  *
*                 enabled security and deployed applications   *
*                 which have a large number (100K or more) of  *
*                 unique URIs.                                 *
****************************************************************
* PROBLEM DESCRIPTION: After applying 
PQ87017, credentials may *
*                      be lost for web applications.           *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
AAfter applying 
PQ87017, credentials may be lost for web
applications.  This may cause intermittent authorization
failures.
Problem conclusion
Logic was correected in class instanitiation code introduced
by APAR 
PQ87017.
Temporary fix Comments
APAR information
APAR number PQ91324
Reported component name WAS BASE 5.0
Reported component ID 5630A3600
Reported release 10W
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Special Attention NoSpecatt
Submitted date 2004-07-13
Closed date 2004-07-13
Last modified date 2005-08-19

APAR is sysrouted FROM one or more of the following:
PQ88445

APAR is sysrouted TO one or more of the following:

Modules/Macros

Publications Referenced

Fix information
Fixed component name WAS BASE 5.0
Fixed component ID 5630A3600

Applicable component levels
R10A PSY    UP
R10H PSY    UP
R10I PSY    UP
R10P PSY    UP
R10S PSY    UP
R10W PSY    UP
R003 PSN    UP
R00H PSN    UP
R00I PSN    UP
R00P PSN    UP
R00S PSN    UP
R00W PSN    UP
R103 PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 10W
Software edition:
Reference #: PQ91324
IBM Group: Software Group
Modified date: Aug 19, 2005