PQ89153: PROPERY COM.IBM.EJS.SECURITY.SETSSODOMAIN NOT DOCUMENTED | |||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||
APAR status Closed as documentation error. Error description The documentation for com.ibm.ejs.security.setSSODomain is not available in the InfoCenter or other publically available documentation. com.ibm.ejs.security.setSSODomain=false/true Documentation should include where the parameter is specified, the possible settings, the "default" setting if the parameter is not specified, and the effect on system operation for each setting for the parameter. It appears the usage of the parameter controls whether the domain name is stored in the LTPA cookie or not. --- Extraction from PMR data sent to customer follows --- In version v3, v4 and v5 of WebSphere, an SSO domain defines the DNS domain which will be set on the LTPA Token cookie which is the login token. The cookie will only be sent to a system in the domain set on it. Therefore, SSO is limited to one domain by current design. If multiple domain support is needed, this is done by not setting the SSO domain on the LTPA Token cookie. The cookie spec states that if the domain is not set,the cookie will only be sent back to the host which issued it. This effectively disables SSO but does allow Form Login to be used on multiple domains by the same system. To do this on Websphere >= v4.0.2 or >= v3.5.6, set the property "com.ibm.ejs.security.setSSODomain" to "false" on each application server's JVM properties. ---- end of abstract --- This parameter applies to V3.5.6, V3.5.7, and V4.0.2 and higher releases, V5.0.x, and V5.1.0. It does not appear to be in support documentation for any of these releases.Local fix Problem summary **************************************************************** * USERS AFFECTED: Customers wanting to read documentation * * regarding the * * com.ibm.ejs.security.setSSODomain * * property. Information for this property is * * missing from the Version 4.0.2-4.0.7 * * information centers. * **************************************************************** * PROBLEM DESCRIPTION: Documentation regarding the * * com.ibm.ejs.security.setSSODomain * * property is missing from the Version * * 4.0.2-4.0.7 information centers. * * Usage of the parameter controls * * whether the domain name is stored * * in the LTPA cookie or not. * **************************************************************** * RECOMMENDATION: Update the 4.0.x information center * * section 5.8 to include information * * regarding the * * com.ibm.ejs.security.setSSODomain * * property. * **************************************************************** Customers need to know information about the com.ibm.ejs.security.setSSODomain property because the information is missing from the Version 4.0.2-4.0.7 information centers.Problem conclusion Update the 4.0.x information center section 5.8 to include information regarding the com.ibm.ejs.security.setSSODomain property.Temporary fix Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros
|
Document Information |
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ89153
IBM Group: Software Group
Modified date: Jun 23, 2004
(C) Copyright IBM Corporation 2000, 2006. All Rights Reserved.