PQ72770: 400 (BAD REQUEST) RETURNED FROM A WEBCONTAINER INCORRECTLY WHEN USING THE HTTP PLUGIN. | |||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||
APAR status Closed as unreproducible in next release. Error description During the handshake of a request using v1.4 SSL, newline characters are now inserted into the Client Certificate. When these certificates are 'passed through' to a webcontainer using the HTTP Plugin (as private headers), the webcontainer is not expecting these newline characters. The code then incorrectly determines the headers to be corrupted, and the request to be malformed, and returns a 400 Bad Request to the browser. THIS WAS ADDRESSED IN SYSTEM SSL APAR OA02637 WHICH IS ON PTF UQ01920.Local fix Problem summary **************************************************************** * USERS AFFECTED: All users of WebSphere Application Server * * V4.0.1 for z/OS and OS/390 who are using * * Client Certificates. * * * **************************************************************** * RECOMMENDATION: * **************************************************************** During the handshake of a request using v1.4 SSL, newline characters are now inserted into the Client Certificate. Due to this the WebContainer component determines the headers to be corrupted, and the request to be malformed and sends returns a 400 Bad Request to the browser.Problem conclusion Temporary fix Comments This was addressed in System SSL APAR OA02637 which is on PTF UQ01920.
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros
|
Document Information |
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server for z/OS
Operating system(s):
Software version: 401
Software edition:
Reference #: PQ72770
IBM Group: Software Group
Modified date: Jun 18, 2003
(C) Copyright IBM Corporation 2000, 2006. All Rights Reserved.