PQ56667: PQ51545 DOES NOT CONSTRUCT URIS PROPERLY WITH SECURITY ON. | |||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||
APAR status Closed as program error. Error description The application of PQ51545 on WebSphere Application Server 4.0.1 or the use of the parameter to set behavior of absolute or relative URIs in WebSphere Applicaiton Server 4.0.2 does not work properly with the Application Server global security on.Local fix Problem summary **************************************************************** * USERS AFFECTED: WebSphere Application Server developers * * using form login security. * **************************************************************** * PROBLEM DESCRIPTION: When security is enabled, WebSphere * * does not properly construct the uri * * to the form login page. * **************************************************************** * RECOMMENDATION: * **************************************************************** WebSphere is handling form based login uri's relative to the calling jsp. If the calling jsp or servlet is not located in the base directory of the context root of the war file, the uri is built incorrectly.Problem conclusion WebSphere needs to calculate the uri based upon a setting for sendRedirect. In the web.xml, form login uri's are required to start with a leading slash to indicate relative to either the webserver root or context root. The decision about using which root is based upon the sendRedirect property. The original code was removing the leading slash and redirecting relative to the calling jsp or servlet.Temporary fix //wasdoc0/apars/pq56667/4.0.2Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros
|
Document Information |
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ56667
IBM Group: Software Group
Modified date: Apr 29, 2003
(C) Copyright IBM Corporation 2000, 2006. All Rights Reserved.