IC87266: POST-AUTHENTICATION BANNER SHOWS BEFORE AUTHENTICATION PROCESS HAS COMPLETED (NOT AFTER AUTHENTICATION PROCESSES).

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

APAR status

  • Closed as program error.

Error description

  • SFTP user session does NOT see the Post-Authentication Banner
    AFTER logging in, the message is seen PRIOR to the
    Authentication actually happening.
    Similarly, the SFTP user does NOT actually see the
    Pre-Authentication Banner prior to authentication, however, it
    is ONLY exhibited in the debug logs on the client side as the
    Remote software version .
    

Local fix

Problem summary

  • The SSP SFTP Post Authentication Banner appears before
    authentication is complete.
    SSP allows the administrator to supply a Pre-Authentication
    Banner Text and a Post-Authentication Banner Text in the SFTP
    adapter advanced tab.  However, the pre-authentication banner
    never appears in a client session, and the post-authentication
    banner appears prior to the prompt for password on the client
    session.
    The banners are working as designed, but are named relative to
    server authentication, which comes before client authentication
    in an SSH session.  The pre-authentication text allows the
    administrator to hide the SSH toolkit name, if desired.  The
    post-server authentication text allows the site to display some
    legal verbiage on the client screen before they are fully
    authenticated.
    

Problem conclusion

  • Changed the names of the fields on the SFTP adapter advanced tab
    from
     "Pre-Authentication Banner Text"  to "SSH Server Identification
    Text"
    And "Post-Authentication Banner Text"  to  "Post-Server
    Authentication Banner Text".  The text in the Post-Server
    Authentication Banner Text is presented to the client before
    they authenticate themselves to the server.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IC87266

  • Reported component name

    STR SECURE PROX

  • Reported component ID

    5725D0300

  • Reported release

    341

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2012-10-16

  • Closed date

    2012-11-02

  • Last modified date

    2012-11-02

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    STR SECURE PROX

  • Fixed component ID

    5725D0300

Applicable component levels

  • R341 PSY

       UP



Rate this page:

(0 users)Average rating

Document information


More support for:

Sterling Secure Proxy

Software version:

341

Reference #:

IC87266

Modified date:

2012-11-02

Translate my page

Machine Translation

Content navigation