There is a behavior change in the 3.8.0 and later firmware related to AAA Policy when an LTPA token is generated in a Post-Processing action.
IBM WebSphere DataPower appliances have the capability of creating WebSphere Application Server Lightweight Third Party Authentication (LTPA) credentials in the AAA Post-Processing action. An LTPA credential contains a client's identity. These LTPA credentials can be in the form of either an HTTP Cookie or within a WS-Security binary security token. LTPA credentials are a cryptographic protected SSO credential.
Customers migrating from firmware versions 3.7.3 or before to 3.8.0 or later may encounter errors or response-related failures associated with the LTPA Set-Cookie header if their AAA Policy generates an LTPA token in Post-Processing and they are also providing their own Set-Cookie for LTPA handling. Failure may occur due to two LTPA cookies in the Set-Cookie header for the response.
[{"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateway"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Component":"Not Applicable","Platform":[{"code":"PF009","label":"Firmware"}],"Version":"4.0.2;4.0.1;3.8.2;3.8.1;3.8","Edition":"","Line of Business":{"code":"LOB77","label":"Automation Platform"}},{"Product":{"code":"SS6L5J","label":"WebSphere DataPower XML Security Gateway XS40"},"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Component":" ","Platform":[{"code":"","label":""}],"Version":"3.8","Edition":"","Line of Business":{"code":"","label":""}},{"Product":{"code":"SS6L4E","label":"WebSphere DataPower Integration Appliance XI50"},"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Component":" ","Platform":[{"code":"","label":""}],"Version":"3.8","Edition":"","Line of Business":{"code":"","label":""}},{"Product":{"code":"SSQ3J2","label":"WebSphere DataPower B2B Appliance XB60"},"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Component":" ","Platform":[{"code":"","label":""}],"Version":"3.8","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.