APAR status
Closed as program error.
Error description
The URBridge adapter removes uniqueId from PersonAccount and Group DataObjects. When the URBridge populates a DataObject to build a PersonAccount or Group entity, the uniqueId field is always removed.
Local fix
N/A
Problem summary
**************************************************************** * USERS AFFECTED: All users of IBM WebSphere Application * * Server * * using federated repositories with a * * repository * * connected via the URBridge adapter and * * using * * the custom property uniqueGroupIdProperty. * **************************************************************** * PROBLEM DESCRIPTION: After setting the custom property * * uniqueGroupIdProperty in a URBridge * * adapter repository, login fails. * **************************************************************** * RECOMMENDATION: * **************************************************************** Login fails when using the custom property uniqueGroupIdProperty in a URBridge adapter repository. This generally results in an authorization failure because the groups are not correctly populated. You may see "SECJ0129E: Authorization failed for user" or the following in trace: RoleBasedAuth 3 Unexpected exception caught java.lang.NullPointerException at com.ibm.ws.security.role.RoleBasedAuthorizerImpl.isGroupGrantedA ny Role(RoleBasedAuthorizerImpl.java:558) at com.ibm.ws.security.role.RoleBasedAuthorizerImpl.isGrantedRole(R ol eBasedAuthorizerImpl.java:871) at com.ibm.ws.management.authorizer.AdminAuthorizerImpl.isGrantedRo le (AdminAuthorizerImpl.java:1132)
Problem conclusion
The custom property uniqueGroupIdProperty can be used without losing required information on the Group entities that causes login failure. The fix for this APAR is targeted for inclusion in fix pack 8.5.5.23 and 9.0.5.14. For more information, see 'Recommended Updates for WebSphere Application Server': https://www.ibm.com/support/pages/node/715553
Temporary fix
Comments
APAR Information
APAR number
PH49932
Reported component name
WEBS APP SERV N
Reported component ID
5724H8800
Reported release
850
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2022-09-30
Closed date
2022-10-19
Last modified date
2022-10-19
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WEBS APP SERV N
Fixed component ID
5724H8800
Applicable component levels
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"8.5","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
20 October 2022