PQ56065: STATIC RESOURCE WHICH SECURED BY WEBSPHERE APPLICATION SERVER, CAN BE ACCESSED WHEN ADMIN SERVER IS DOWN. | |||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||
APAR status Closed as program error. Error description The customer defined static html resource as secured URI of WebSphere Application Server. This resource can be accessed without any challenge if the Application Server adminServer is not running. The plugin should care about this.Local fix Problem summary **************************************************************** * USERS AFFECTED: All WebSphere Application Server users who * * use WebSphere security to secure webserver * * resources (ie, resources that will not be * * processed by the WebSphere Application * * server). * **************************************************************** * PROBLEM DESCRIPTION: When the application server is not * * running, users are granted access to * * static html pages, which should be * * secured by WAS, without being * * challenged for a userid/password. * **************************************************************** * RECOMMENDATION: * **************************************************************** When the application server is not running, users are granted access to static html pages, which should be secured by WAS, without being challenged for a userid/password.Problem conclusion Modified the ose/plugin security functions so that if the communication cannot be established with the application server access would be denied to the secured static html pages.Temporary fix PQ54969Comments
APAR is sysrouted FROM one or more of the following: PQ54969 APAR is sysrouted TO one or more of the following: Modules/Macros
|
Document Information |
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ56065
IBM Group: Software Group
Modified date: Apr 29, 2003
(C) Copyright IBM Corporation 2000, 2006. All Rights Reserved.