PQ78948: WAS Plugin for IHS 2 (all OS) not handling session info in URI

 Fixes are available

PQ86603: IBM HTTP Server V2.0.x mod_alias/mod_rewrite conflict with V5.0 plug-in
4.0.2-4.0.7: Plug-in component cumulative fix
5.0.2.7: WebSphere Application Server Express 5.0.2 Cumulative Fix 7
5.0.2.12: WebSphere Application Server 5.0.2 Cumulative Fix 12
5.0.2.13: WebSphere Application Server 5.0.2 Cumulative Fix 13
5.0.2.14: WebSphere Application Server 5.0.2 Cumulative Fix 14 for AIX
5.0.2.14: WebSphere Application Server 5.0.2 Cumulative Fix 14 for Solaris
5.0.2.14: WebSphere Application Server 5.0.2 Cumulative Fix 14 for HP-UX
5.0.2.14: WebSphere Application Server 5.0.2 Cumulative Fix 14 for Windows
5.0.2.14: WebSphere Application Server 5.0.2 Cumulative Fix 14 for Linux
5.0.2.15: WebSphere Application Server 5.0.2 Cumulative Fix 15 for Windows
5.0.2.15: WebSphere Application Server 5.0.2 Cumulative Fix 15 for Solaris
5.0.2.15: WebSphere Application Server 5.0.2 Cumulative Fix 15 for AIX
5.0.2.15: WebSphere Application Server 5.0.2 Cumulative Fix 15 for Linux
5.0.2.15: WebSphere Application Server 5.0.2 Cumulative Fix 15 for HP-UX
5.1.1.9: WebSphere Application Server V5.1.1 Cumulative Fix 9 for HP-UX
5.1.1.9: WebSphere Application Server V5.1.1 Cumulative Fix 9 for AIX
5.1.1.9: WebSphere Application Server V5.1.1 Cumulative Fix 9 for Solaris
5.1.1.9: WebSphere Application Server V5.1.1 Cumulative Fix 9 for Windows
5.1.1.9: WebSphere Application Server V5.1.1 Cumulative Fix 9 for Linux
5.0.2.16: WebSphere Application Server 5.0.2 Cumulative Fix 16 for AIX
5.0.2.16: WebSphere Application Server 5.0.2 Cumulative Fix 16 for HP-UX
5.0.2.16: WebSphere Application Server 5.0.2 Cumulative Fix 16 for Linux
5.0.2.16: WebSphere Application Server 5.0.2 Cumulative Fix 16 for Windows
5.0.2.16: WebSphere Application Server 5.0.2 Cumulative Fix 16 for Solaris
5.0.2.8: WebSphere Application Server V5.0.2 Cumulative Fix 8
5.1.1.10: WebSphere Application Server V5.1.1 Cumulative Fix 10 for HP-UX
5.1.1.10: WebSphere Application Server V5.1.1 Cumulative Fix 10 for AIX
5.1.1.10: WebSphere Application Server V5.1.1 Cumulative Fix 10 for Solaris
5.1.1.10: WebSphere Application Server V5.1.1 Cumulative Fix 10 for Windows
5.1.1.10: WebSphere Application Server V5.1.1 Cumulative Fix 10 for Linux
5.0.2.17: WebSphere Application Server 5.0.2 Cumulative Fix 17 for Windows
5.0.2.17: WebSphere Application Server 5.0.2 Cumulative Fix 17 for Solaris
5.0.2.17: WebSphere Application Server 5.0.2 Cumulative Fix 17 for HP-UX
5.0.2.17: WebSphere Application Server 5.0.2 Cumulative Fix 17 for Linux
5.0.2.17: WebSphere Application Server 5.0.2 Cumulative Fix 17 for AIX



APAR status
Closed as program error.

Error description
WAS Plugin for IHS 2.0 (all platforms) where IHS 2 powered by
apache 2 doesn't properly handle embedded Session information
within the URI.
Local fix
None Available
Problem summary
****************************************************************
* USERS AFFECTED: Customers who use WAS plug-in for IHS 2.0.   *
****************************************************************
* PROBLEM DESCRIPTION: URLs to be served by WebSphere          *
*                      Application Server that contain a ":"   *
*                      in the parameter list (e.g.             *
*                      http://127.0.0.1:8080/foo;session=0:0)  *
*                      will be rejected by IBM HTTP Server     *
*                      v2.0 with either a 403 or 404 status    *
*                      code and not forwarded to WebSphere     *
*                      Application Server. URLs of this form   *
*                      were accepted by IBM HTTP Server        *
*                      version 1.3.                            *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
URLs that were accepted in IHS 1.3 are no longer accepted in
IHS 2.0.
Problem conclusion
The ap_core_translate hook assumes the requested object
resides in the Apache file system (under DocumentRoot). Valid
URIs to be serviced by WAS like:
  
http://127.0.0.1:8080/dobedobedo;session=0:0
will be rejected by ap_core_translate.  Therefore, if WAS is
to serve this request, we must not allow the ap_core_translate
hook to run.
Temporary fix Comments
APAR information
APAR number PQ78948
Reported component name WEBSPHERE AE NT
Reported component ID 5630A2201
Reported release 400
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Submitted date 2003-09-26
Closed date 2003-11-05
Last modified date 2003-11-05

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros

SRLS

Fix information

Applicable component levels
R400 PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ78948
IBM Group: Software Group
Modified date: Nov 5, 2003