PQ74819: WITH VALID USERID AND PASSWORD AND WEBAUTH.SINGLESIGNON.ENABLED=FALSE, FORM-BASED AUTHENTICATION FAILS. | |||||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description If form-based authentication and WebAuth.SingleSignOn.Enabled= False, the browser does not return the cookie containing the required tokens as expected. This happens because the setting for WebAuth.FormBasedLogin.SingleSignOnDomain is still being honored.Local fix Disable WebAuth.FormBasedLogin.SingleSignOnDomain parameter in the Webcontainer.conf.Problem summary **************************************************************** * USERS AFFECTED: All users of WebSphere Application Server * * version 4.0.1 for z/OS and OS/390 * **************************************************************** * PROBLEM DESCRIPTION: Form-based authentication fails with * * valid userid and password when Web * * container property * * WebAuth.SingleSignOn.Enabled * * is set to false. * **************************************************************** * RECOMMENDATION: * **************************************************************** Customer is receiving login error for form-based Web applications even if the correct userid and password were supplied. The WebAuth.SingleSignOn.Enabled and WebAuth.SingleSignOn.Domain properties work together. Therefore, when single sign-on is disabled (the WebAuth.SingleSignOn.Enabled property is set to false), a Domain name should not be used in the cookie. When single sign-on is disabled and WebAuth.SingleSignOn.Domain is specified in the webcontainer.conf file, the Domain name is used in the LoginToken Cookie. This causes the browser not to send the LoginToken Cookie to the WebSphere Application Server, and results in a login error.Problem conclusion The code was changed so that the Domain name is not set in the LoginToken cookie if single sign-on is disabled. APAR PQ74819 is associated with SERVICE LEVEL W401508 of WebSphere Application Server version 4.0.1 for z/OS and OS/390.Temporary fix Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros
|
Document Information |
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server for z/OS
Operating system(s):
Software version: 401
Software edition:
Reference #: PQ74819
IBM Group: Software Group
Modified date: Jul 3, 2003
(C) Copyright IBM Corporation 2000, 2006. All Rights Reserved.