PQ62577: WILD CARD CHARACTERS ARE NOT TREATED PROPERLY. | |||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description Wild card characters are not treated properly in the user name at login time. for example: User ID Adm* Password nataraj can get you into WAS. Can reproduce this on DOMINO LDAP or Secureway directory.Local fix Problem summary **************************************************************** * USERS AFFECTED: WebSphere Application Server users who use * * LDAP user registry in authentication. * **************************************************************** * PROBLEM DESCRIPTION: Wild card characters in a user name * * are not treated properly. * **************************************************************** * RECOMMENDATION: * **************************************************************** An "*" represent any character in LDAP if not escaped. WebSphere did not escape any "*" in a user's name. It is important to note that unless the user has only one match in the registry when the "*" is treated as a wild card, the user will be refused authentication. The users password must still be correct as well.Problem conclusion WebSphere security will escape "*" if user name contains "*" in our Ldap registry implementation, and ldap filter will check a value with the character "*", rather than treat "*" as any character.Temporary fix provided testing eFixComments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: PQ42162 Modules/Macros
SRLS
|
Document Information |
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ62577
IBM Group: Software Group
Modified date: Jul 24, 2002
(C) Copyright IBM Corporation 2000, 2006. All Rights Reserved.