Fixes are available
Java SDK 1.5 SR8 Cumulative Fix for WebSphere Application Server
Java SDK 1.5 SR8 Cumulative Fix for WebSphere Application Server
Java SDK 1.5 SR10 Cumulative Fix for WebSphere Application Server
6.1.0.31: Java SDK 1.5 SR11 FP1 Cumulative Fix for WebSphere Application Server
6.1.0.33: Java SDK 1.5 SR12 FP1 Cumulative Fix for WebSphere
6.1.0.29: Java SDK 1.5 SR11 Cumulative Fix for WebSphere Application Server
6.1.0.35: Java SDK 1.5 SR12 FP2 Cumulative Fix for WebSphere
6.1.0.37: Java SDK 1.5 SR12 FP3 Cumulative Fix for WebSphere
6.1.0.39: Java SDK 1.5 SR12 FP4 Cumulative Fix for WebSphere Application Server
6.1.0.41: Java SDK 1.5 SR12 FP5 Cumulative Fix for WebSphere Application Server
6.1.0.43: Java SDK 1.5 SR13 Cumulative Fix for WebSphere Application Server
6.1.0.45: Java SDK 1.5 SR14 Cumulative Fix for WebSphere Application Server
6.1.0.47: WebSphere Application Server V6.1 Fix Pack 47
6.1.0.47: Java SDK 1.5 SR16 Cumulative Fix for WebSphere Application Server
APAR status
Closed as program error.
Error description
When attempting to renew the LTPA token after it has expired, the following error will be logged: com.ibm.websphere.security.auth.WSLoginFailedException: Validation of LTPA token failed due to invalid keys or token type.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: Users of IBM WebSphere Application Server * * version 6.1 who have security enabled, and * * are using LTPA as the active authentication * * mechanism. * **************************************************************** * PROBLEM DESCRIPTION: After the LTPA token expires, the * * token is not being renewed, resulting * * in the SECJ5010E error message. * * * **************************************************************** * RECOMMENDATION: * **************************************************************** After the LTPA token expires, the following error is logged: SECJ5010E: Could not create default AuthenticationToken during propagation login. The following exception occurred: com.ibm.websphere.security.auth.TokenExpiredException: Token expiration Date: Thu Jun 07 12:15:39 GMT+00:00 2007, current Date: Thu Jun 07 12:15:39 GMT+00:00 2007 at com.ibm.ws.security.ltpa.LTPAToken.isValid(LTPAToken. java:248) at com.ibm.ws.security.ltpa.LTPAServerObject.validateToken (LTPAServerObject.java:995) at com.ibm.ws.security.ltpa.LTPAServerObject.validateToken (LTPAServerObject.java:892) at com.ibm.ws.security.token.AuthenticationTokenImpl. initializeToken(AuthenticationTokenImpl.java:203) at com.ibm.ws.security.token.AuthenticationTokenImpl. initializeToken(AuthenticationTokenImpl.java:148) at com.ibm.ws.security.token.WSCredentialTokenMapper. createAuthTokenFromWSCredential (WSCredentialTokenMapper.java:844) at com.ibm.ws.security.context.ContextImpl.writeObject (ContextImpl.java:613) at sun.reflect.GeneratedMethodAccessor69.invoke (Unknown Source)
Problem conclusion
Code was added to check the validity of the LTPA token and refresh it if necessary. The fix for this APAR is currently targeted for inclusion in fixpack 6.1.0.11. Please refer to the recommended updates page for delivery information: http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
Temporary fix
Comments
APAR Information
APAR number
PK47479
Reported component name
WEBS APP SERV N
Reported component ID
5724H8800
Reported release
61Z
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2007-06-20
Closed date
2007-08-02
Last modified date
2007-08-02
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Modules/Macros
SECURITY
Fix information
Fixed component name
WEBS APP SERV N
Fixed component ID
5724H8800
Applicable component levels
R60A PSN
UP
R60H PSN
UP
R60I PSN
UP
R60P PSN
UP
R60S PSN
UP
R60W PSN
UP
R60Z PSN
UP
R61A PSY
UP
R61H PSY
UP
R61I PSY
UP
R61P PSY
UP
R61S PSY
UP
R61W PSY
UP
R61Z PSY
UP
Document Information
Modified date:
28 December 2021