PQ59461: USER AUTHENTICATION CREATES TWO CREDENTIALS INSTEAD OF ONE.

APAR status
Closed as program error.

Error description
WebSphere security performs MapCredentials immediately followed
by Validate when a user makes the first request. Both of these
calls end up authenticating the same user twice. In particular,
the call to getGroupsForUser takes several seconds on each of
the two occasions. If we could take away one of these
(seemingly redundant) calls (the one made during Validate),
this would significantly improve performance for the customer.
Local fix
an efix has been created for the problem
ltp-cred-cache-354.jar
Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Servers users of       *
*                 LTPA authentication with custom login.       *
****************************************************************
* PROBLEM DESCRIPTION: Performance improvement for LTPA        *
*                      authentication with custom login or     *
*                      Form login                              *
****************************************************************
* RECOMMENDATION: Apply this efix to improve performance for   *
*                 Ltpa authentication.                         *
****************************************************************
This is a performance improvement efix.  In this efix, we
use credential cache technique to reduce the number of LTPA
server calls. For custom/Form login with Ltpa authentication,
the number of ldap searches are reduced by half.
Problem conclusion
Unnecessary ldap searches may cause performance problem.
Temporary fix
The efix PQ58739-354.jar is placed in
wasdoc0\Apars\PQ58739\3.5.x
Comments
The efix has been send to client before the APAR was created,
so we rename the efix with Apar name.
APAR information
APAR number PQ59461
Reported component name WEBSPHERE AE SO
Reported component ID 5630A2202
Reported release 400
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Submitted date 2002-03-26
Closed date 2002-03-26
Last modified date 2002-03-26

APAR is sysrouted FROM one or more of the following:
PQ58739

APAR is sysrouted TO one or more of the following:

Modules/Macros
SECURITY          

Fix information
Fixed component name WEBSPHERE AE SO
Fixed component ID 5630A2202

Applicable component levels
R400 PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ59461
IBM Group: Software Group
Modified date: Mar 26, 2002