PQ66923: USING ONE COMMON PROXY ID FOR ALL SESSIONS CAUSES SESSION TIMEOUT FOR ALL SESSIONS WHEN ONE SESSION LTPATOKEN TIMESOUT.

 A fix is available

4.0.5: WebSphere Application Server Version 4.0 Fix Pack 5 (Version 4.0.5)



APAR status
Closed as program error.

Error description
Customer's concern are as follows:ls]:D: 1597969914],.java:1155)
.SAS0130E: Client credentials were not valid.  Restart thee],
Session timeout for one session throws away the LTPAToken and5)n
customer is not able to determine which session got timedout.Fir
Hence does not know which session to re-authenticate.e cliented.
and/or server to ensure that you are using new credentials. espo
Once credentials are marked invalid, they cannot become valided.
again.02 10:02:24:131 EDT] 1736f98c SystemOut     U    1>n)
.2002-09-23 10:02:24.109], [ServerID: 289231329],14],tendedServe
Local fix
Changed LTPAToken Timeout to 24 hours so the token expires
around midnight.
Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server users with      *
*                 security enabled.                            *
****************************************************************
* PROBLEM DESCRIPTION: Invalid credentials were not properly   *
*                      removed from the cache.                 *
****************************************************************
* RECOMMENDATION: apply the eFix.                              *
****************************************************************
Invalid credentials were not removed from the cache. Symptoms
include server credentials failing to refresh or users not
being able to aceess protected resources.
Problem conclusion
Remove all expired security cache.
Temporary fix
testing eFix is provided.
Comments
APAR information
APAR number PQ66923
Reported component name WEBSPHERE AE AI
Reported component ID 5630A2200
Reported release 400
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Submitted date 2002-10-04
Closed date 2002-10-07
Last modified date 2002-10-07

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:
PQ61773

Modules/Macros
SECURITY          

SRLS

Fix information
Fixed component name WEBSPHERE AE AI
Fixed component ID 5630A2200

Applicable component levels
R400 PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ66923
IBM Group: Software Group
Modified date: Oct 7, 2002