Fixes are available
APAR status
Closed as program error.
Error description
When validating JSON Web Token (JWT) using a AAAPolicy, JSON string might fail to parse if it contains reserved XML characters such as '&'.
Local fix
Use a Gatewayscript action to validate JWT prior to a AAAPolicy action. See sample gatewayscript in technote below: http://www-01.ibm.com/support/docview.wss?uid=swg22014764
Problem summary
Affected is the use of JWT(JSON Web Token) validation. When using JWT validation and AAAPolicy, and its JSON String includes reserved XML characters like '&', then the JWT validation will fail.
Problem conclusion
Fix is available in 7.6.0.8 and 7.7.1.1 For a list of the latest fix packs available, please see: http://www-01.ibm.com/support/docview.wss?uid=swg21237631
Temporary fix
Use a Gatewayscript action to validate JWT prior to a AAAPolicy action. See sample gatewayscript in technote below: http://www-01.ibm.com/support/docview.wss?uid=swg22014764
Comments
APAR Information
APAR number
IT25198
Reported component name
DATAPOWER
Reported component ID
DP1234567
Reported release
750
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2018-05-30
Closed date
2018-07-18
Last modified date
2018-07-25
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
DATAPOWER
Fixed component ID
DP1234567
Applicable component levels
R760 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateway"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"750","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
11 February 2022