IBM Support

JR45992: CMVC 227819 - The LDAP password get created and then updated with the same password during the user registration.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • The LDAP password get created and then updated with the same
    password during the user registration either in WebSphere
    Commerce Organization Administration Console or store front. So
    in case in LDAP side the password policy does not allow using
    previous password, we will see similar exception as below:
    
    [2/20/13 10:38:42:392 GST] 00000029 CommerceSrvr  E
    com.ibm.commerce.member.syncbeans.VMMProxy
    updateMember(TypedProperty atpProperties, String astrDN, short
    shMemberType) CMN0409E: The following error occurred during
    processing: "java.security.PrivilegedActionException:
    com.ibm.websphere.wim.exception.WIMSystemException: CWWIM4520E
     The 'javax.naming.directory.InvalidAttributeValueException:
    [LDAP: error code 19 - Error, Password in History]; Remaining
    name: 'uid=feb20usertest2,ou=madisons,o=seller
    organization,o=alfuttaim,c=ae'; Resolved object:
    'com.sun.jndi.ldap.LdapCtx@7150715'' naming exception occurred
    during processing.
    at
    com.ibm.ws.security.auth.ContextManagerImpl.runAs(ContextManager
    Impl.java:5411)
    at
    com.ibm.ws.security.auth.ContextManagerImpl.runAsSystem(ContextM
    anagerImpl.java:5453)
    at
    com.ibm.commerce.member.syncbeans.VMMProxy.updateMember(VMMProxy
    .java:852)
    at
    com.ibm.commerce.member.syncbeans.UserSyncBean.updatePasswordInL
    DAP(UserSyncBean.java:1146)
    at
    com.ibm.commerce.security.commands.UpdateCredentialsCmdImpl.perf
    ormExecute(UpdateCredentialsCmdImpl.java:224)
    at
    com.ibm.commerce.command.ECCommandTarget.executeCommand(ECComman
    dTarget.java:157)
    at
    com.ibm.ws.cache.command.CommandCache.executeCommand(CommandCach
    e.java:332)
    at
    com.ibm.websphere.command.CacheableCommandImpl.execute(Cacheable
    CommandImpl.java:166)
    at
    com.ibm.commerce.command.AbstractECTargetableCommand.execute(Abs
    tractECTargetableCommand.java:217)
    at
    com.ibm.commerce.usermanagement.commands.UserRegistrationCmdImpl
    .UpdateCredentials(UserRegistrationCmdImpl.java:5241)
    at
    com.ibm.commerce.usermanagement.commands.UserRegistrationAdminCm
    dImpl.performExecute(UserRegistrationAdminCmdImpl.java:226)
    at
    com.ibm.commerce.usermanagement.commands.UserRegistrationAdminAd
    dCmdImpl.performExecute(UserRegistrationAdminAddCmdImpl.java:181
    )
    

Local fix

  • Disable the LDAP password policy to allow using previous
    password.
    

Problem summary

  • USERS AFFECTED:
     WebSphere Commerce users on v7.0 who uses LDAP.
    
     PROBLEM ABSTRACT:
     The LDAP password get created and then updated with the same
    password during the user registration.
    
     BUSINESS IMPACT:
     The user registration process will be impacted.
    
     RECOMMENDATION:
    

Problem conclusion

  • The code is changed to not update the password right after the
    password creation in LDAP end.
    
    
     -------------------------------------------------------------
     The latest available maintenance information can be obtained
    from the Recommended Fixes for WebSphere Commerce technote:
     http://www.ibm.com/support/docview.wss?rs=3046&uid=swg21261296
    

Temporary fix

Comments

APAR Information

  • APAR number

    JR45992

  • Reported component name

    WC BUS EDITION

  • Reported component ID

    5724I3800

  • Reported release

    700

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    YesSpecatt / Pervasive

  • Submitted date

    2013-03-12

  • Closed date

    2013-06-11

  • Last modified date

    2013-06-11

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WC BUS EDITION

  • Fixed component ID

    5724I3800

Applicable component levels

  • R700 PSY

       UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSYSYL","label":"WebSphere Commerce Enterprise"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.0","Edition":"","Line of Business":{"code":"","label":""}}]

Document Information

Modified date:
11 June 2013