PM28220: EXTENDEDAUTHENTICATIONSERVICE IS NOT WORKING CORRECTLY

Fixes are available

6.1.0.6 Download: WebSphere Portal and WCM V6.1.0 fix pack 6
7.0.0.2 Download: WebSphere Portal and WCM V7.0 fix pack 2
Fixes integrated in WebSphere Portal 7.0.0.1 & 7.0.0.2 Combined Cumulative Fixes

APAR status

Closed as program error.

Error description

If a request is sent to an unauthenticated Portal URL and there
is a JSESSIONID cookie but no LTPA token the method
com.ibm.portal.auth.extensions.ExtendedAuthenticationService
.isUserLoggedIn(HttpServletRequest)
returns true.

Local fix

```
None available.
```

Problem summary

If a request is sent to an unauthenticated Portal URL and
there is a JSESSIONID cookie but no LTPA token the method
ExtendedAuthenticationService.isUserLoggedIn(HttpServletRequest)
returns true.

Problem conclusion

This APAR fixes the ExtendedAuthenticationService so that it
disregards an existing user object in the session as a short-cut
to identifying whether the user already is authenticated.

Failing Module(s):
   Authorization/Authentication (login/logout)

Affected Users:
   All users

Manual Steps:
   None

Platform Specific:
   This fix applies to all platforms.

PM28220 is part of Cumulative Fix 10

for Portal 6.1.0.3 / 6.1.5.0 - available on Fix Central:
http://www.ibm.com/eserver/support/fixes/fixcentral/swgquickorde
r?apar=PM24319&productid=WebSphere%20Portal&brandid=5

for Portal 6.1.0.4 / 6.1.5.1 - available on Fix Central:
http://www.ibm.com/eserver/support/fixes/fixcentral/swgquickorde
r?apar=PM24320&productid=WebSphere%20Portal&brandid=5

for Portal 6.1.0.5 / 6.1.5.2 - available on Fix Central:
http://www.ibm.com/eserver/support/fixes/fixcentral/swgquickorde
r?apar=PM26397&productid=WebSphere%20Portal&brandid=5

You may need to type or paste the complete address into your Web
browser.

Temporary fix

Comments

APAR Information

APAR number
PM28220
Reported component name
WEBSPHERE PORTA
Reported component ID
5724E7600
Reported release
615
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2010-12-06
Closed date
2010-12-22
Last modified date
2010-12-22

APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:

Fix information

Fixed component name
WEBSPHERE PORTA
Fixed component ID
5724E7600

Applicable component levels

R610 PSY
UP
R615 PSY
UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSHRKX","label":"WebSphere Portal"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"6.1.5","Edition":"","Line of Business":{"code":"","label":""}}]

Document Information

Modified date:
22 December 2010

Tips

PM28220: EXTENDEDAUTHENTICATIONSERVICE IS NOT WORKING CORRECTLY

Fixes are available

Subscribe

APAR status

Closed as program error.

Error description

Local fix

Problem summary

Problem conclusion

Temporary fix

Comments

APAR Information

APAR number

Reported component name

Reported component ID

Reported release

Status

PE

HIPER

Special Attention

Submitted date

Closed date

Last modified date

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Fix information

Fixed component name

Fixed component ID

Applicable component levels

R610 PSY

R615 PSY

Document Information

Share your feedback

Need support?