Download
Abstract
With session security and auditing enabled, an exception occurs during a formlogout when trying to acquire the session id.
Download Description
PK95991 resolves the following problem:
ERROR DESCRIPTION:
With integrated session security and auditing enabled, a servlet form logout fails with the following error:
webcontainer E com.ibm.ws.webcontainer.WebContainer
handleRequest SRVE0232E: Internal Server Error: Exception
Message:
[com.ibm.websphere.servlet.session.UnauthorizedSessionRequestExc
SESN0008E: A user authenticated as {0} has attempted to access
a session owned by {1}
LOCAL FIX:
PROBLEM SUMMARY
* USERS AFFECTED: All users of IBM WebSphere Application Server
PROBLEM DESCRIPTION:
With session security and auditing enabled, an exception occurs during a formlogout when trying to
acquire the session id.
RECOMMENDATION:
None
When audit is enabled formLogout fails because the caller subject on the thread is null.
PROBLEM CONCLUSION:
Added code to check if session security is enabled to control flow.
The fix for this APAR is currently targeted for inclusion in Fix Pack 7.0.0.9. Refer to the Recommended Updates page for delivery information:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
Prerequisites
Download the UpdateInstaller below to install this fix.
Installation Instructions
Review the readme.txt for detailed installation instructions.
Technical Support
Contact IBM Support using SR (http://www.ibm.com/software/support/probsub.html), visit the WebSphere Application Server Support Web site (http://www.ibm.com/software/webservers/appserv/was/support/), or contact 1-800-IBM-SERV (U.S. only).
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
15 June 2018
UID
swg24025339