IBM Support

PI71926: BIND DN NOT SAVED CORRECTLY WHEN EDITING SECURITY CONFIGURATION

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • When clicking on the solutions console OK button under the
    following path causes error.
    
    Global security > Federated repositories >Myldap
    
    CWWIM5020E Could not connect to the
    ldap://myldapserver.domain.com:389 repository using properties:
    ...Exception
    occurred: javax.naming.AuthenticationException.
    
    Since the bind password is pre-populated incorrectly in the
    VMM  page, the 'LDAP test query' page also gets pre-populated
    with the incorrect password and no query is successful.
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  All users of IBM WebSphere Application      *
    *                  Server                                      *
    *                  who access the 'LDAP Test Query' page after *
    *                  configuring a federated repository on the   *
    *                  VMM                                         *
    *                  page.                                       *
    ****************************************************************
    * PROBLEM DESCRIPTION: The 'Bind password' is pre-populated in *
    *                      the LDAP page with the same value used  *
    *                      in                                      *
    *                      the VMM page and it's causing errors.   *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    If the user clicks the Apply/Ok button under the following
    path, an authentication exception is thrown.
    Global security > Federated repositories >Myldap
    This occurs because the 'Bind password' field is being pre-
    populated with the string "*******". When changes are applied,
    the obfuscated password is passed in as the value for the
    password parameter causing an authentication error. Since the
    'LDAP test query' page pre-populates the 'Bind password' field
    the same way the VMM page does, the queries are also failing.
    To provide another level of security and to avoid issues with
    the password, we have made the 'Bind password' a required field
    in the 'LDAP test query' page. It will no longer be pre-
    populated. The VMM panel password issue was fixed under
    PI72154.
    

Problem conclusion

  • To provide another level of security and to avoid issues with
    the password, we have made the 'Bind password' a required field
    in the 'LDAP test query' page. It will no longer be pre-
    populated and the user must know the correct bind password in
    order to run a query. The VMM panel password issue was fixed
    under PI72154.
    
    The fix for this APAR is currently targeted for inclusion in
    fix packs 7.0.0.43, 8.0.0.13, 8.5.5.12, and 9.0.0.3.  Please
    refer to the Recommended Updates page for delivery
    information:
    http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
    

Temporary fix

Comments

APAR Information

  • APAR number

    PI71926

  • Reported component name

    WEBS APP SERV N

  • Reported component ID

    5724H8800

  • Reported release

    850

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2016-11-07

  • Closed date

    2016-12-19

  • Last modified date

    2017-03-06

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WEBS APP SERV N

  • Fixed component ID

    5724H8800

Applicable component levels

  • R700 PSY

       UP

  • R800 PSY

       UP

  • R850 PSY

       UP

  • R900 PSY

       UP



Document information

More support for: WebSphere Application Server
General

Software version: 850

Reference #: PI71926

Modified date: 06 March 2017