PQ56053: WASSECK - SPECIAL CHARACTERS IN LDAP SERVER ENTRIES NOT HANDLED PROPERLY BY WAS | |||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||
APAR status Closed as program error. Error description Environment: WebSphere Application Server 3.x & 4.0 Description: This APAR is to address how WebSphere Application Server should handle special characters that are embedded in the value of the attribute of an LDAP server entry. Currently, WebSphere Application Server 3.x (and possibly 4.0) don't handle special characters (asterisk, comma, and others) well. PMR 13953,499,000 where this APAR originates, addresses specifically a problem handling a CN attribute, which is assigned to the last name followed by a comma and then followed by the first name. When assigning an LDAP group to the permissions for a method group, authorization failure occurs when trying to access the secured resources because of the comma embedded in the username.Local fix Problem summary A combination of a limit of the internal LDAP client and WAS coding causes problems in authentication when the LDAP entries use of special characters (/, *, etc.) in the username attribute.Problem conclusion A fix is done in security coding to accept user name with special characters.Temporary fix Comments
APAR is sysrouted FROM one or more of the following: PQ51294 APAR is sysrouted TO one or more of the following: Modules/Macros
|
Document Information |
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ56053
IBM Group: Software Group
Modified date: Apr 24, 2003
(C) Copyright IBM Corporation 2000, 2006. All Rights Reserved.