IBM Support

PH30570: PROVIDE AN OPTION TO USE ONLY CUSTOM COOKIE NAME IN TRADITIONAL WEBSPHERE

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as new function.

Error description

  • Backport useOnlyCustomCookieName from WebSphere Liberty to
    Traditional WebSphere.
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  All users of IBM WebSphere Application      *
    *                  Server                                      *
    ****************************************************************
    * PROBLEM DESCRIPTION: Provide an option to only use custom    *
    *                      LtpaToken name for the LTPA             *
    *                      authentication                          *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    This APAR introduces the following security custom property.
    Custom Property:
    com.ibm.websphere.security.useOnlyCustomCookieName
    Value: false (default)
    When the property is set to true, WebSphere will only look for
    the cookie with the name(s) specified in the following custom
    properties, and no longer evaluate cookies with the names
    "LtpaToken2" and "LtpaToken".
    com.ibm.websphere.security.customLTPACookieName
    com.ibm.websphere.security.customSSOCookieName
    To view or set the security custom properties, you can use the
    administrative console. Click Security > Global security >
    Custom properties. Then click New to add a new custom property
    and its associated value.
    Refer to the following URLs for the details of the above custom
    properties.
    https://www.ibm.com/docs/en/was-nd/8.5.5?topic=realm-security-
    custom-properties
    https://www.ibm.com/docs/en/was-nd/9.0.5?topic=realm-security-
    custom-properties
    If the custom cookie name(s) are not defined, WebSphere will
    skip the LTPA authentication.
    WebSphere Liberty has the same function with
    "useOnlyCustomCookieName" configuration described below.
    https://www.ibm.com/support/knowledgecenter/en/SS7K4U_liberty/co
    m.ibm.websphere.liberty.autogen.zos.doc/ae/rwlp_config_webAppSec
    urity.html
    

Problem conclusion

Temporary fix

Comments

APAR Information

  • APAR number

    PH30570

  • Reported component name

    WEBS APP SERV N

  • Reported component ID

    5724H8800

  • Reported release

    850

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2020-10-14

  • Closed date

    2021-04-08

  • Last modified date

    2021-04-08

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WEBS APP SERV N

  • Fixed component ID

    5724H8800

Applicable component levels

[{"Line of Business":{"code":"LOB36","label":"IBM Automation"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"850"}]

Document Information

Modified date:
09 April 2021