IBM Support

JR40368: CMVC 212243 - ALLOW THE REMOVAL OF AN LTPA TOKEN WHEN CONCURRENT USERS ARE ON THE SYSTEM USING THE SAME ID.

Direct link to fix

7.0.0-WS-WCServer-FP009

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • When using WebSphere Commerce, typically concurrent access by
the same user is blocked by the application.  In cases where
Single-Sign-On (SSO) is enabled, an LTPA token is used to allow
users to access the system without a logon.  In this case the
application cannot block a user who access the system
concurrently, as the SSO token will automatically re-logon the
user into the system.

Local fix

  • 



Problem summary


    

  • USERS AFFECTED:
WebSphere Commerce users on v7.0 who have SSO enabled and want
to prevent users from logging into the system concurrently.

PROBLEM ABSTRACT:
Concurrent WebSphere Commerce users are not automatically logged
off when Single-Sign-On is enabled.

BUSINESS IMPACT:
Users may find that they are not logged off the system
automatically in cases of concurrent use.

RECOMMENDATION:

    



Problem conclusion


    

  • When concurrent access is detected by WebSphere Commerce the
ability to optionally remove the LTPA token has been added.
When enabled, the session is cleared for the user, including
their LTPA token.  This should prevent the user from being able
to re-access the website without needing to explicitly re-logon.
This option should only be used when WC is configured to
generate LTPA tokens.


In order to prevent the same user from concurrently logging on
to WebSphere Commerce when WebSphere Commerce is configured to
generate LTPA tokens at logon time, please add an attribute
named "SSOConcurrentLogon" to the MemberSubSystem/Directory
element in wc-server.xml, and set the value to 0. For example:

<Directory EntryFileName="ldap/ldapentry.xml"
MigrateUsersFromWCSdb="ON" SingleSignOn="1"
SSOConcurrentLogon="0" display="false"/>

-------------------------------------------------------------
The latest available maintenance information can be obtained
from the Recommended Fixes for WebSphere Commerce technote:
http://www.ibm.com/support/docview.wss?rs=3046&uid=swg21261296

    



Temporary fix


    

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    JR40368
    • 

  • Reported component name
    WC BUS DEV ED W
    • 

  • Reported component ID
    5724I3900
    • 

  • Reported release
    700
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt
    • 

  • Submitted date
    2011-08-11
    • 

  • Closed date
    2011-10-31
    • 

  • Last modified date
    2011-10-31
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    WC BUS DEV ED W
    • 

  • Fixed component ID
    5724I3900
    • 



Applicable component levels


    

  • R700  PSY
       UP
    • 








      
              
                            

              

              [{"Business Unit":{"code":"BU055","label":"Cognitive Applications"},"Product":{"code":"SSYT2H","label":"WebSphere Commerce Developer Enterprise"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.0","Line of Business":{"code":"LOB31","label":"WCE Watson Marketing and Commerce"}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            07 December 2021
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback