PK95991; 7.0.0.7: servlet form logouts fail with integrated session security and

Download

Abstract

With session security and auditing enabled, an exception occurs during a formlogout when trying to acquire the session id.

Download Description

PK95991 resolves the following problem:

ERROR DESCRIPTION:
With integrated session security and auditing enabled, a servlet form logout fails with the following error:

webcontainer E com.ibm.ws.webcontainer.WebContainer
handleRequest SRVE0232E: Internal Server Error: Exception
Message:
[com.ibm.websphere.servlet.session.UnauthorizedSessionRequestExc
SESN0008E: A user authenticated as {0} has attempted to access
a session owned by {1}

LOCAL FIX:

PROBLEM SUMMARY

* USERS AFFECTED: All users of IBM WebSphere Application Server

PROBLEM DESCRIPTION:
With session security and auditing enabled, an exception occurs during a formlogout when trying to
acquire the session id.

RECOMMENDATION:
None

When audit is enabled formLogout fails because the caller subject on the thread is null.

PROBLEM CONCLUSION:
Added code to check if session security is enabled to control flow.

The fix for this APAR is currently targeted for inclusion in Fix Pack 7.0.0.9. Refer to the Recommended Updates page for delivery information:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980

Prerequisites

Download the UpdateInstaller below to install this fix.

[{"PRLabel":"UpdateInstaller","PRLang":"US English","PRSize":"7250000","PRPlat":{"label":"AIX","code":"PF002"},"PRURL":"http://www.ibm.com/support/docview.wss?rs=180&uid=swg21205991"}]

Installation Instructions

Review the readme.txt for detailed installation instructions.

[{"INLabel":"Readme","INLang":"US English","INSize":"6159","INURL":"ftp://public.dhe.ibm.com/software/websphere/appserv/support/fixes/PK95991/readme.txt"}]

          [{"DNLabel":"7.0.0.7-WS-WAS-MultiOS-IFPK95991","DNDate":"12/7/2009","DNLang":"US English","DNSize":"33550","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=7.0.0.7-WS-WAS-MultiOS-IFPK95991&product=ibm%2FWebSphere%2FWebSphere%20Application%20Server&source=dbluesearch","DNURL_FTP":"ftp://public.dhe.ibm.com/software/websphere/appserv/support/fixes/PK95991/7.0.0.7-WS-WAS-MultiOS-IFPK95991.pak","DDURL":" "}]
          

Technical Support

Contact IBM Support using SR (http://www.ibm.com/software/support/probsub.html), visit the WebSphere Application Server Support Web site (http://www.ibm.com/software/webservers/appserv/was/support/), or contact 1-800-IBM-SERV (U.S. only).

[{"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Security","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"7.0.0.7","Edition":"Base;Express;Network Deployment","Line of Business":{"code":"LOB45","label":"Automation"}}]

Problems (APARS) fixed
PK95991

Was this topic helpful?

Document Information

Modified date:
15 June 2018

UID

swg24025339

Tips