APAR status
Closed as program error.
Error description
TAM 3.9/fixpack 5 WIN 2000 advanced server webseald.conf: request-body-max-read = 32255, max-client-read = 250000, dynurl-allow-large-posts = yes .. and added fixpack 5. After about 10 posts using the http example I sent, I got the "Bad Request" error. The trace shows the error code: 0X38CF0424 and html encode characters such as %3D% in POST may be dup of APAR:IY50332 and IY:50754 The info (08220.b999.tar.Z) including the test html pages which generate the POST which casues problem on cutomer' system is put on pdlevel3
Local fix
no
Problem summary
WebSEAL can return a bogus 400-error if dynurls are enabled and it receives a POST containing encoded characters.
Problem conclusion
Modified finduri.c to allow partial characters. Added an argument to uridecode() to allow each caller to say whether to accept partial characters (by truncating the caller's buffer just before the first partial char- acter) or to return an error if a partial character is found. POST bodies allow partial characters, all other callers do not. This issue is resolved in patch 3.9-AWS-FP08.
Temporary fix
Comments
APAR Information
APAR number
IY51128
Reported component name
ACCESS MGR WEBS
Reported component ID
5724C0811
Reported release
390
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2003-11-20
Closed date
2004-06-30
Last modified date
2004-06-30
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
IY52502
Fix information
Fixed component name
ACCESS MGR WEBS
Fixed component ID
5724C0811
Applicable component levels
R390 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSPREK","label":"Tivoli Access Manager for e-business"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"390","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Document Information
Modified date:
30 June 2004