APAR status
Closed as program error.
Error description
Description should read: Http basic authentication fails due to
incorrect encoding in WAS Base64Coder (defaulting to the
platform encoding, should be UTF-8 instead).
Local fix Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server security *
* users with basic authentication. *
****************************************************************
* PROBLEM DESCRIPTION: Basic authentication may fail even *
* when user ID and password are correct *
* and if browser encoding is different *
* from platform default encoding where *
* the server is running. *
****************************************************************
* RECOMMENDATION: *
****************************************************************
If platform default encoding where server is running is
different from browser's encoding, basic authentication may
fail. The reason for the failure is that server use its own
encoding to decode base 64 encoded user data from browser.
Problem conclusion
The server should just use the same encoding in browser to
decode user data received from HTTP servlet request head.
An iFix would be published for this APAR.
The fix for this APAR is currently targeted for inclusion in
fixpack 5.0.2.11 and 5.1.1.4. Please refer to the Recommended
Updates page for delivery dates:
http://www-1.ibm.com/support/docview.wss?rs=180&context=SSEQTP
&uid=swg27004980
Temporary fix
test fix provided.
Comments
APAR information |
APAR number |
PK01916 |
Reported component name |
WAS NETWRK DEPL |
Reported component ID |
5630A3601 |
Reported release |
00W |
Status |
CLOSED PER |
PE |
NoPE |
HIPER |
NoHIPER |
Special Attention |
NoSpecatt |
Submitted date |
2005-03-02 |
Closed date |
2005-03-17 |
Last modified date |
2005-05-26 |
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Modules/Macros
Publications Referenced
|
Fix information |
Fixed component name |
WAS NETWRK DEPL |
Fixed component ID |
5630A3601 |
Applicable component levels |
R00A PSY |
UP |
R00H PSY |
UP |
R00I PSY |
UP |
R00P PSY |
UP |
R00S PSY |
UP |
R00W PSY |
UP |
R10A PSY |
UP |
R10H PSY |
UP |
R10I PSY |
UP |
R10P PSY |
UP |
R10S PSY |
UP |
R10W PSY |
UP |
|