APAR status
Closed as program error.
Error description
ERROR DESCRIPTION: User account blocked after incorrect password entry in e-sig with multiple records selected PROBLEM: The user account is bloked if you enter a wrong password in e-sig dialog when multiple records are selected. The issue only happens when using LDAP authentication. COMMENTS FROM DEV: The way ESig works now that autintication happened only but regardless of sucess or failier login tracking logs every record. So in case of error 10 records will be logged and user fail count will be increased. This fix was done in 2009 for APAR IZ62668. This code need to be adjusted to log only once in case of error but log every record in case of sucess. PERFORMANCE ISSUE: NO STEPS TO REPRODUCE: Enable e-sig: 1. Go to Database Configuration 2. Click Select Action -> Manage eSig Actions 3. Select application -> Work Order Tracking 4. Select option -> Change Status 5. Click Ok. Replicate the issue: 1. Go to Work Order Tracking app and select multiple records (for example, 10 records) displayed on the List tab 2. User selects the Change Status button 3. User enters an incorrect password 4. No error message is displayed 5. User is logged out of Maximo 6. User's account is blocked 7. LOGINTRACKING shows 5 FAILED entries for the user, then the logout. Compare this to the system behavior if a single record is selected and an incorrect password is entered - an error message is displayed "BMXAA3840E - The electronic signature entered is not valid for the user currently signed in to the application!" Note also that the system behavior in Maximo 6.2 was to display an error message when an incorrect password was entered with multiple records selected. CURRENT ERRONEOUS RESULT: User account is bloked. EXPECTED RESULT: The following error message should be shown and the user account should not be affected. BMXAA3840E - The electronic signature entered is not valid for the user currently signed in to the application! ENVIRONMENT (SYSTEM INFO): App Server IBM WebSphere Application Server 8.0.0.10 Version Tivoli's process automation engine 7.5.0.7-IFIX20150804-0918 Build 20141017-1600 DB Build V7507-40 HFDB Build HF7507-18 IBM TPAE Integration Framework 7.5.1.2-MIF_7512_IFIX.20141001-1136 Build 20140730-1950 DB Build V7512-08 HFDB Build HF7512-02 IBM Maximo Calibration 7.5.0.0 Build $build$ DB Build V7501-03 IBM Maximo Asset Management 7.5.0.7 Build 201410271545 DB Build V7507- 00 Server OS SunOS 5.10 Server DB Oracle 11.2 (Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production With the Partitioning, OLAP, Data Mining and Real Application Testing options)
Local fix
N/A
Problem summary
**************************************************************** * USERS AFFECTED: * * All Maximo Users * **************************************************************** * PROBLEM DESCRIPTION: * * User account blocked after incorrect password entry in eSig * * with multiple records selected. * **************************************************************** * RECOMMENDATION: * * Upgrade to latest relase * **************************************************************** PROBLEM: The user account is blocked if you enter a wrong password in eSig dialog when multiple records are selected. COMMENTS FROM DEV: The way eSig works now that authentication happened only but regardless of success or failure login tracking logs every record. So in case of error 10 records will be logged and user fail count will be increased. This fix was done in 2009 for APAR IZ62668. This code need to be adjusted to log only once in case of error but log every record in case of success. STEPS TO REPRODUCE: Enable eSig: 1. Go to Database Configuration 2. Click Select Action -> Manage eSig Actions 3. Select application -> Work Order Tracking 4. Select option -> Change Status 5. Click Ok. Replicate the issue: 1. Go to Work Order Tracking app and select multiple records (for example, 10 records) displayed on the List tab 2. User selects the Change Status button 3. User enters an incorrect password 4. No error message is displayed 5. User is logged out of Maximo 6. User's account is blocked 7. LOGINTRACKING shows 5 FAILED entries for the user, then the logout. Compare this to the system behavior if a single record is selected and an incorrect password is entered - an error message is displayed "BMXAA3840E - The electronic signature entered is not valid for the user currently signed in to the application!" Note also that the system behavior in Maximo 6.2 was to display an error message when an incorrect password was entered with multiple records selected. CURRENT ERRONEOUS RESULT: User account is blocked. EXPECTED RESULT: The following error message should be shown and the user account should not be affected. BMXAA3840E - The electronic signature entered is not valid for the user currently signed in to the application!
Problem conclusion
Only one login tracking failure is recorded after incorrect password entry in eSig with multiple records selected. The fix for this APAR is contained in the following maintenance package: | release\fix pack | Fix Pack Release 7.5.0.10 TPAE
Temporary fix
Comments
APAR Information
APAR number
IV78840
Reported component name
ADMIN & SECURIT
Reported component ID
TIVOADMIN
Reported release
750
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2015-11-13
Closed date
2016-02-05
Last modified date
2016-02-05
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Modules/Macros
MAXIMO
Fix information
Fixed component name
ADMIN & SECURIT
Fixed component ID
TIVOADMIN
Applicable component levels
R750 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSLKT6","label":"IBM Maximo Asset Management"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"750","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]
Document Information
Modified date:
05 February 2016