PQ69352: SETTING WEB_SECURITY_VERSION=2 USING BASIC FORM LOGIN, METHOD GETREMOTEUSER KEEPS THE CASE ENTERED USING HTTP TRANSPORT ONLY | |||||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description Customer reports that running BASIC FORM LOGIN with WEB_ SECURITY_VERSION=2 in jvm properties when user enters userid/ passsword at the browser in lower case the getremoteuser method parses it that way. Running with the HTTP PLUGIN the userid and password get folded to uppercase regardless of what is entered at the browser.Local fix Problem summary **************************************************************** * USERS AFFECTED: All users of WebSphere Application Server * * V4.0.1 for z/OS and OS/390 * **************************************************************** * PROBLEM DESCRIPTION: Setting WEB_SECURITY_VERSION=2 using * * basic form login, method getremoteuser * * keeps the case entered when using HTTP * * transport. This is inconsistent with * * other login behavior. * **************************************************************** * RECOMMENDATION: * **************************************************************** Customer reports that running BASIC FORM LOGIN with WEB_SECURITY_VERSION=2 in jvm properties when user enters userid/password at the browser in lower case the getremoteuser method parses it that way. Running with the HTTP PLUGIN the userid and password get folded to uppercase regardless of what is entered at the browser.Problem conclusion The login process was updated to uppercase the input value before login, and save the uppercased ID in the principal. This is consistent with the other login behaviour and enables the SAF login. APAR PQ69352 is associated with SERVICE LEVEL W401501 of WebSphere Application Server V4.0.1 for z/OS and OS/390.Temporary fix Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros
|
Document Information |
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server for z/OS
Operating system(s):
Software version: 401
Software edition:
Reference #: PQ69352
IBM Group: Software Group
Modified date: Apr 3, 2003
(C) Copyright IBM Corporation 2000, 2006. All Rights Reserved.