PQ66381: AFTER PQ60145 UNAUTHENTICATED USER'S ARE AUTHENTICATE USING DATAFROM ANOTHER USER'S REQUEST | |||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description A user requests an authenticated URL from the browser. nother request for an unauthenticated URL is made via elnet. WebSphere does not treat the second request as an anonymous user. What should be an anonymous user is treated as the last authenticated user to hit the site.Local fix Build eFixProblem summary **************************************************************** * USERS AFFECTED: WebSphere Application Server Users of the * * 4.0.4 WebContainer * **************************************************************** * PROBLEM DESCRIPTION: Unauthenicated user's are being * * authenicated using data from another * * user's request. * **************************************************************** * RECOMMENDATION: * **************************************************************** When Basic Authentication is on, unsecured requests are using the user authentication information from a previous authenticated request.Problem conclusion Request headers are being cleared after each request so the information can't be reused.Temporary fix Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros
SRLS
|
Document Information |
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ66381
IBM Group: Software Group
Modified date: Sep 25, 2002
(C) Copyright IBM Corporation 2000, 2006. All Rights Reserved.