PQ70127: PROBLEM WITH JSSE: WAS/LDAP SYSTEM HANGS DURING USER AUTHENTICATION USING SSL

 Fixes are available

4.0.6: WebSphere Application Server Version 4.0 Fix Pack 6
WebSphere Application Server_Security_JSSE_cumulative_Fix



APAR status
Closed as program error.

Error description
.
Environment:
   WebSphere Application Server (WAS) 4.0.3 AE for AIX
   iPlanet Directory (LDAP) Server 5.1
.
Problem:
   When customer has enabled WAS security with LDAP server via
SSL, entering a valid username and an invalid password
causes login to hang. Problem occurs only when using SSL. JSSE
to be fixed for resolving issue.
Local fix
Level 3 to update
Problem summary
****************************************************************
* USERS AFFECTED: All WebSphere Application Server users who   *
*                 have enabled security and have configured    *
*                 LDAP for the user registry and have          *
*                 configured SSL between LDAP and WebSphere.   *
****************************************************************
* PROBLEM DESCRIPTION: System hangs if a bad user ID and       *
*                      password are supplied.                  *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
WebSphere hangs waiting for JNDI to return if a bad user ID and
password are supplied.  The problem only occurs against certain
LDAP servers and only if SSL is configured.
Known LDAP servers susceptible to the problem are:
iPlanet
MS Active Directory
Note, the problem is not within the LDAP server.
Problem conclusion
The problem was isolated to the IBM JSSE implementation and
has been resolved in this package.  A JSSE containing the
necessary code changes is now packaged with WebSphere.
Temporary fix
A new JSSE jar was made available for testing.
Comments
APAR information
APAR number PQ70127
Reported component name WAS BASE 5.0
Reported component ID 5630A2200
Reported release 400
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Submitted date 2003-01-21
Closed date 2003-03-20
Last modified date 2003-03-20

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:
PQ72443

Modules/Macros

SRLS

Fix information

Applicable component levels
R400 PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ70127
IBM Group: Software Group
Modified date: Mar 20, 2003