PQ76644: WEBREQUESTS USING CLIENT CERTIFICATES UNCONDITIONALLY MAP CERTIFICATES TO RACF IDENTITY

 A fix is available

Obtain the fix for this APAR



APAR status
Closed as program error.

Error description
WebRequests using Client Certificates unconditionally map
certificates to RACF identity.  This was uncovered because of
performance testing, but it also causes HTTPS requests to fail
if a nonSAF registry is configured as the registry and there is
no way to map the client certificate to a SAF identity. This
should not be required.  This APAR will modify the bbossess.cpp
code to avoid doing this mapping in the controller.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: All users of WebSphere Application Server    *
*                 V5.0 for z/OS                                *
****************************************************************
* PROBLEM DESCRIPTION: Performance improvement for Web         *
*                      Authentication request that uses Client *
*                      Certificates.                           *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
Web requests using Client Certificates unconditionally map
certificates to RACF identity causing a performance degradation.
This mapping should only occur for IIOP requests.
Problem conclusion
Support was modified to map Certificates to RACF identities only
when using IIOP request.

APAR PQ76644 is associated with SERVICE LEVEL W500104 of
WebSphere Application Server V5.0 for z/OS.
Temporary fix Comments
APAR information
APAR number PQ76644
Reported component name WEBSPHERE FOR Z
Reported component ID 5655I3500
Reported release 500
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Special Attention NoSpecatt
Submitted date 2003-07-22
Closed date 2003-08-30
Last modified date 2003-10-03

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros
BBOUBINF          

Publications Referenced

Fix information
Fixed component name WEBSPHERE FOR Z
Fixed component ID 5655I3500

Applicable component levels
R500 PSY UQ79825    UP03/09/10 P F309

  Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.


Document Information


Current web document: swg1PQ76644.html
Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server for z/OS
Operating system(s):
Software version: 500
Software edition:
Reference #: PQ76644
IBM Group: Software Group
Modified date: Oct 3, 2003