PQ71416: workaround for search() method

 Fixes are available

4.0.6: WebSphere Application Server Version 4.0 Fix Pack 6
Security; V4.0.2-V4.0.7: Cumulative fix for security component



APAR status
Closed as program error.

Error description
Fixing the search() method due to what jndi method is returning.
Local fix
search()
Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server security        *
*                 users who have Distinguished Names (DNs)     *
*                 containing the character '#' on their        *
*                 LDAP server.                                 *
****************************************************************
* PROBLEM DESCRIPTION: If a DN contains the special character  *
*                      #, the user may not be authenticated or *
*                      authorized properly.                    *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
If a LDAP entry DN contains the special character '#', a JNDI
search does not return relative name, it returns LDAP URL.
WebSphere still treats the return value as relative name. Also,
if an attribute value in DN starts with '#', the '#' should be
escaped.
Problem conclusion
WebSphere will now parse LDAP SearchResult accordingly, either
as a relative name or  aLDAP URL, and generate a correct DN
for the entry.  WebSphere also will escape '#' characters if
the '#' occurs at the beginging of a String attribute value.
Temporary fix
provide test fix.
Comments
APAR information
APAR number PQ71416
Reported component name WEBSPHERE AE NT
Reported component ID 5630A2201
Reported release 400
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Submitted date 2003-02-25
Closed date 2003-03-17
Last modified date 2003-05-21

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:
PQ74405

Modules/Macros
security          

SRLS

Fix information

Applicable component levels
R400 PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ71416
IBM Group: Software Group
Modified date: May 21, 2003