PQ61738: WEBSPHERE APP SERVER TRUST ASSOCIATION DOESN'T ALLOW OTHER TYPESOF AUTHENTICATION TO WORK | |||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||
APAR status Closed as program error. Error description Environment: WebSphere Application Server . Description: Customer was using the Application Server, and when trust association is enabled, they are still able to authentication via other method (basic, certificate, and others). After upgrading to a higher fixpack enabling trust association caused any authentication to be treated as if it is coming from WebSeal. As a result, authentication done via basic, certificate, and others fails because they don't contain the header information that the trust association interceptor expects.Local fix Problem summary **************************************************************** * USERS AFFECTED: WebSphere Application Server users who * * enable Trust Association with WebSeal. * **************************************************************** * PROBLEM DESCRIPTION: After Trust Association is enabled with * * WebSeal, authentication fails if the * * request is not via WebSeal. * **************************************************************** * RECOMMENDATION: * **************************************************************** After Trust Association is enabled with WebSeal, authentication fails if the request is not from WebSeal. If the request header contains a 'via' tag (even if this tag has no value), authentication functioned as expected. However, if the 'via' tag was missing, then authentication fails.Problem conclusion The WebSeal Trust Association interceptor now checks if the 'via' tag value is not present and treats this condition the same as if the 'via' tag was not present in the request header.Temporary fix send a testing eFix to customerComments
APAR is sysrouted FROM one or more of the following: PQ61020 APAR is sysrouted TO one or more of the following: Modules/Macros
|
Document Information |
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ61738
IBM Group: Software Group
Modified date: Apr 30, 2003
(C) Copyright IBM Corporation 2000, 2006. All Rights Reserved.