APAR: PQ38772 V3.021
CMVC defect: PQ38772
PMR:  71923,519
Description:
   Passing a null username and password to the request_login method of the LoginHelper.class gives the thread that invokes this method privileges to access any secured resource instead of treating the username and password as being invalid. This eFix fixes this. This should be applied to everyone who plans to use the WebSphere security classes in their programming.

How to apply:
- create a directory to store the jar file (e.g. c:\WebSphere\AppServer\efix)
- copy pq38772.jar to that directory
- add the directory/jar file to the begining of the admin server's classpath
  in admin.config:

com.ibm.ejs.sm.adminserver.classpath=C:/WebSphere/AppServer/efix/pq38772.jar...

- restart the admin server