PQ62684: CREATE ACCESSID AT RUNTIME IF THEY HAVE NOT BEEN CREATED.

 A fix is available

PQ60772, 4.0.2,4.0.3,4.0.4: WSCP fails to validate user/group when role mapping



APAR status
Closed as program error.

Error description
Customer is adding to Role Group Roles using WSCP, WSCP did not
create and AccessID in the process.  The results are
authorization exceptions when using the group.
Local fix
Manually add Roles to Group Roles through the AAT tool but this
is too manual a process due to the large volume of users and
nodes etc.
Problem summary
****************************************************************
* USERS AFFECTED: All WebSphere Application Server users       *
*                 adding groups to Roles via WSCP.             *
****************************************************************
* PROBLEM DESCRIPTION: Authorization failures for members of   *
*                      groups that were added to a Role via    *
*                      WSCP.                                   *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
Authorization failures for members of groups that were added to
a Role via WSCP.  The problem stemmed from the fact that WSCP
was not inserting an access ID for the group, which is used
internally by WebSphere for authorization, into the Role.
Problem conclusion
The security runtime now creates an access ID if it is missing.
Temporary fix
testing eFix was send to customer.
Comments
APAR information
APAR number PQ62684
Reported component name WEBSPHERE AE AI
Reported component ID 5630A2200
Reported release 400
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Submitted date 2002-06-27
Closed date 2002-06-28
Last modified date 2002-06-28

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros
SECURITY          

SRLS

Fix information
Fixed component name WEBSPHERE AE AI
Fixed component ID 5630A2200

Applicable component levels
R400 PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ62684
IBM Group: Software Group
Modified date: Jun 28, 2002