Troubleshooting
Problem
Setting utf8-qstring-support-enabled = no on the ISAM Web Gateway Appliance will no longer work as it did on the software stack versions of TAM and ISAM
Symptom
Customers that are migrating from software stack versions of Tivoli Access Manager (TAM) or IBM Security Access Manager (ISAM) to the Web Gateway Appliance, and have been using the decode-query Stanza Entry in webseald.conf to enable URL Query String Validation, will find that they can no longer configure the ISAM Reverse Proxy to interpret URL Query Strings as any character mapping / codepage other than UTF-8 .
The utf8-qstring-support-enabled Stanza Entry will cause URL Query Strings to be interpreted as UTF-8, regardless of whether this Stanza Entry is set to yes, no, or auto.
The symptom that is seen is that when URL Query Strings are sent in requests to the Reverse Proxy, and the query uses characters that are outside the 7-bit ASCII range, these characters must be encoded as UTF-8. If they are encoded using a different character mapping / codepage, such as ISO-8859-1, they will either be interpreted as the wrong character, or they will not map to a valid character in UTF-8 and the Reverse Proxy will respond with an "HTTP Status 400 Bad Request" error.
The text entered into fields on Web Page Forms, and the related Stanza Entry utf8-form-support-enabled, are also affected in the same way.
Log InLog in to view more of this document
Was this topic helpful?
Document Information
More support for:
IBM Security Access Manager
Software version:
8.0.0, 8.0.1, 9.0.0, 9.0.1.0, 9.0.2.0, 9.0.3
Operating system(s):
Appliance
Document number:
298769
Modified date:
16 June 2018
UID
swg22009998