PQ61779: AUTHORIZATION FAILS WITH AN EXTERNALLY CREATED LTPA TOKEN. | |||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||
APAR status Closed as program error. Error description Authorization fails with externally created LTPA Tokens if the access ID string does not match exactly with the ID stored in the WAS authorization tables.Local fix Problem summary **************************************************************** * USERS AFFECTED: WebSphere Application Server users using * * security and Single Sign On. * **************************************************************** * PROBLEM DESCRIPTION: Authorization fails with externally * * created LTPA Token. * **************************************************************** * RECOMMENDATION: * **************************************************************** Authorization fails for externally created Ltpa Token due to an extra space between Relative Disinguished Name and the Base Distinguished Name required by WebSphere security. This is a result of WebSphere using exact name matching.Problem conclusion The name used for authorizations is now created internally by WebSphere so the format of the name is consistent with the name stored in the authorization table including the space between the Relative Distinguished Name and Base Distinguished Name.Temporary fix PQ59667-3.5.4-3.5.5-3.5.6-test.jarComments Supplied fix to create access ID from internal registry calls instead of the ID from the externally created LTPA token.
APAR is sysrouted FROM one or more of the following: PQ59667 APAR is sysrouted TO one or more of the following: Modules/Macros
|
Document Information |
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ61779
IBM Group: Software Group
Modified date: Jul 6, 2004
(C) Copyright IBM Corporation 2000, 2006. All Rights Reserved.