Troubleshooting
Problem
Microsoft®️issued a November 11, 2022 security fix against their Microsoft Windows™️ Operating System which included a change that caused issues with SPNEGO single-sign-on. This technote is designed to assist you in identifying the problems that may arise when using SPNEGO with WebSphere Application Server, and offers some corrective actions you can take. You may still need to work with your Windows or Active Directory administrator for assistance.
SPNEGO SSO is not working correctly due to a recent Microsoft security patch.
Please see the following externally linked information on the November 2022 patch Microsoft has released.
Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability CVE-2022-37966
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37966
KB5021131: How to manage the Kerberos protocol changes related to CVE-2022-37966
https://support.microsoft.com/en-us/topic/kb5021131-how-to-manage-the-kerberos-protocol-changes-related-to-cve-2022-37966-fd837ac3-cdec-4e76-a6ec-86e67501407d
Symptom
.
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"ARM Category":[{"code":"a8m50000000Ccy2AAC","label":"WebSphere Application Server traditional-All Platforms-\u003ESecurity-\u003ESSO-\u003ESPNEGO\/Kerberos"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Log InLog in to view more of this document
This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.
Was this topic helpful?
Document Information
Modified date:
03 March 2025
UID
ibm16845566