IBM Support

IC91903: REPLACING EXISTING USERNAME TOKEN IN AAA POLICY CAUSES CONNECTION REQUEST TO FAIL TO BACKEND SERVER

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as fixed if next.

Error description

  • When a username token (UNT) is already present in a request
    message and the AAA PostProcessing step is configured to replace
    the existing UNT, DataPower will replace it by creating an
    entirely new security header.
    
    In the event the existing UNT contained a Timestamp element,
    the Timestamp element would be removed as result of the new
    security header added by DataPower.  This could then cause
    the backend server to fail the request due to the missing
    Timestamp element that it expected.
    
    DataPower should only replace the UNT element and not the entire
    security header.
    

Local fix

  • In the AAA PostProcessing step, set "Replace existing username
    token" to Off, to prevent the TimeStamp element from being
    overwritten with a new security header.
    

Problem summary

  • Fix will be available in a future major release.
    

Problem conclusion

Temporary fix

Comments

APAR Information

  • APAR number

    IC91903

  • Reported component name

    DTAPWR B2B APL

  • Reported component ID

    DP905XB62

  • Reported release

    500

  • Status

    CLOSED FIN

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2013-04-26

  • Closed date

    2013-05-15

  • Last modified date

    2013-05-15

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

Applicable component levels

  • R400 PSN

       UP

[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSHTED","label":"WebSphere DataPower B2B Appliance XB62"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.0.0","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
15 May 2013