PQ63457: ALLAUTHENTICATEDUSERS NOT WORKING FOR ROLE MAPPING

APAR status
Closed as program error.

Error description
Environment:
WebSphere Application Server 4.0.x
.
Description:
   Mapping an application role to the AllAuthenticatedUsers role
available by checkbox in the security center did not function
as prescribed...users were denied access to pages after
authenticated succeeded.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: All WebSphere Application Server users       *
*                 who have security enabled and are using      *
*                 WebSphere Studio Application Developer       *
*                 (WSAD) to create and deploy EARs with        *
*                 security role references.                    *
****************************************************************
* PROBLEM DESCRIPTION: Users given access to a resource via    *
*                      the special role "All Authenticated     *
*                      Users" receive authorization failures.  *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
Users given access to a resource via the special role "All
Authenticated Users" receive authorization failures.  The
reason for this was that WAS erroneously creating empty access
ID for special authorization subjects "All Authenticated Users"
and "Everyone."  These special authorization subjects are not
supposed to have access IDs which cause the name to be used as
the access ID.
Problem conclusion
Code was added at runtime to recreate the access ID as the
name if the supplied ID is empty.
Temporary fix
Contained in security cumulative eFix PQ63457 or more recent.
Comments
APAR information
APAR number PQ63457
Reported component name WEBSPHERE AE NT
Reported component ID 5630A2201
Reported release 400
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Submitted date 2002-07-23
Closed date 2002-08-19
Last modified date 2003-04-30

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros
SECURITY          

Fix information
Fixed component name WEBSPHERE AE NT
Fixed component ID 5630A2201

Applicable component levels
R400 PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ63457
IBM Group: Software Group
Modified date: Apr 30, 2003