PM80646: OAUTH PROVIDER DOES NOT SUPPORT REVERSE PROXY CONFIGURATION CAUSING INCORRECT URL REDIRECTION

Fixes are available

APAR status

Closed as program error.

Error description

For OAuth, in the case of reverse proxy, the authorization URL
doesn't reflect the real URL and a reverse proxy is not able to
rewrite the value.

Local fix

For the workaround, as the content form template is
customizable, the developer can update the template to reset
the authorization url to target server on page load.

Problem summary

****************************************************************
* USERS AFFECTED:  IBM WebSphere Application Server            *
*                  administrators of application servers       *
*                  using OAuth                                 *
****************************************************************
* PROBLEM DESCRIPTION: With OAuth, a user may not be           *
*                      redirected to a reverse proxy server.   *
****************************************************************
* RECOMMENDATION:  Install a fix pack that incluses this APAR  *
*                  and update the installed OAuth app,         *
*                  WebSphereOauth20SP.ear, from the            *
*                  (WAS_HOME)/installableApps directory..      *
****************************************************************
In a WebSphere OAuth authorization process, a user may not
be redirected to the requested reverse proxy server after
authorization is granted.  The user is redirected to an HTTP
server directly.

Problem conclusion

The WebSphere Application Server is updated to redirected the
user to the requested URL.

When a fix pack containing this APAR is installed, the fix
will not be active until the installed OAuth ear,
WebSphereOauth20SP.ear, is updated from the
(WAS_HOME)/installableApps directory.

The fix for this APAR is currently targeted for inclusion in
fix packs 7.0.0.29, 8.0.0.7 and the fix pack following
8.5.0.2. Please refer to the Recommended Updates page for
delivery information:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980

Keywords: IBMWL3WSS, OAUTH

Temporary fix

Comments

APAR Information

APAR number
PM80646
Reported component name
WEBSPHERE APP S
Reported component ID
5724J0800
Reported release
700
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2013-01-15
Closed date
2013-03-12
Last modified date
2015-09-23

APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:

Fix information

Fixed component name
WEBSPHERE APP S
Fixed component ID
5724J0800

Applicable component levels

R700 PSY
UP
R800 PSY
UP
R850 PSY
UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.0","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
29 October 2021

Tips

PM80646: OAUTH PROVIDER DOES NOT SUPPORT REVERSE PROXY CONFIGURATION CAUSING INCORRECT URL REDIRECTION

Fixes are available

Subscribe

APAR status

Closed as program error.

Error description

Local fix

Problem summary

Problem conclusion

Temporary fix

Comments

APAR Information

APAR number

Reported component name

Reported component ID

Reported release

Status

PE

HIPER

Special Attention

Submitted date

Closed date

Last modified date

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Fix information

Fixed component name

Fixed component ID

Applicable component levels

R700 PSY

R800 PSY

R850 PSY

Document Information

Share your feedback

Need support?