APAR status
Closed as program error.
Error description
When the Web Application Firewall is configured to encrypt cookies in the request profile, only the first cookie in the 'Cookie Names' list gets encrypted.
Local fix
Problem summary
Affected are all users of Web Application Firewall configured to process (encrypt/decrypt or sign/verify) cookies. Affected are especially those, who don't process all cookies, but have specified a list of particular cookies to be processed. The error in Web Application Firewall cookie processing manifests by processing just the first cookie in the list; discarding all cookies from a User Agent, that are not marked for processing or discarding signed cookie attributes coming from a server.
Problem conclusion
The fix is available in 4.0.1.15, 4.0.2.11 and 5.0.0.5 For a list of the latest fix packs available, please see: http://www-01.ibm.com/support/docview.wss?uid=swg21237631
Temporary fix
Comments
APAR Information
APAR number
IC88966
Reported component name
DPWR SRV GTWAY
Reported component ID
DP905XG45
Reported release
500
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2012-12-10
Closed date
2012-12-20
Last modified date
2013-01-24
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
DPWR SRV GTWAY
Fixed component ID
DP905XG45
Applicable component levels
R402 PSN
UP
R500 PSN
UP
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSNR47","label":"WebSphere DataPower Service Gateway XG45"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.0.0","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
24 January 2013