Skip to main content

IC87266: POST-AUTHENTICATION BANNER SHOWS BEFORE AUTHENTICATION PROCESS HAS COMPLETED (NOT AFTER AUTHENTICATION PROCESSES).


Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • SFTP user session does NOT see the Post-Authentication Banner
AFTER logging in, the message is seen PRIOR to the
Authentication actually happening.
Similarly, the SFTP user does NOT actually see the
Pre-Authentication Banner prior to authentication, however, it
is ONLY exhibited in the debug logs on the client side as the
Remote software version .

Local fix

  •  
    • 
  
 
  
Problem summary
 
  
     
   
  • The SSP SFTP Post Authentication Banner appears before
authentication is complete.
SSP allows the administrator to supply a Pre-Authentication
Banner Text and a Post-Authentication Banner Text in the SFTP
adapter advanced tab.  However, the pre-authentication banner
never appears in a client session, and the post-authentication
banner appears prior to the prompt for password on the client
session.
The banners are working as designed, but are named relative to
server authentication, which comes before client authentication
in an SSH session.  The pre-authentication text allows the
administrator to hide the SSH toolkit name, if desired.  The
post-server authentication text allows the site to display some
legal verbiage on the client screen before they are fully
authenticated.

     
    • 
  
 
  
Problem conclusion
 
  
     
   
  • Changed the names of the fields on the SFTP adapter advanced tab
from
 "Pre-Authentication Banner Text"  to "SSH Server Identification
Text"
And "Post-Authentication Banner Text"  to  "Post-Server
Authentication Banner Text".  The text in the Post-Server
Authentication Banner Text is presented to the client before
they authenticate themselves to the server.

     
    • 
  
 
  
Temporary fix
 
  
     
   
  •  
    • 
  
 
  
Comments
 
  
     
   
  •  
    • 
  
 
  
APAR Information
 
  
 
   
     
    
  • APAR number
    IC87266
    •  
    
  • Reported component name
    STR SECURE PROX
    •  
    
  • Reported component ID
    5725D0300
    •  
    
  • Reported release
    341
    •  
    
  • Status
    CLOSED PER
    •  
    
  • PE
    NoPE
    •  
    
  • HIPER
    NoHIPER
    •  
    
  • Special Attention
    NoSpecatt
    •  
    
  • Submitted date
    2012-10-16
    •  
    
  • Closed date
    2012-11-02
    •  
    
  • Last modified date
    2012-11-02
    •  
   
 
  
 
  
     
   
  • APAR is sysrouted FROM one or more of the following:
     
    •  
   
  • APAR is sysrouted TO one or more of the following:
     
    •  
  
 
  
Fix information
 
  
     
   
  • Fixed component name
    STR SECURE PROX
    •  
   
  • Fixed component ID
    5725D0300
    •  
  
 
  
Applicable component levels
 
  
     
   
  • R341 PSY
       UP
    •  
  
 
 
 

 









Rate this page:



(0 users)Average rating 





















	
	
	
	
	









	



























Copyright and trademark information



	
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide.  Other product and service names might be trademarks of IBM or other companies.  A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.































Rate this page:






(0 users)Average rating









Add comments














Document information





	
Sterling Secure Proxy


	




	
Software version:

	341

	





	
Reference #:

IC87266






Modified date:

2012-11-02








Translate my page














































 



Content navigation