PM70994: SSLFAKEBASICAUTH DEPENDS ON LOADMODULE ORDER

Fixes are available

7.0.0.27: WebSphere Application Server V7.0 Fix Pack 27
8.5.0.2: WebSphere Application Server V8.5 Fix Pack 2
8.0.0.6: WebSphere Application Server V8.0 Fix Pack 6

APAR status

Closed as program error.

Error description

SSLFakeBasicAuth depends on LoadModule order

Loading the mod_ibm_ssl module at the top of httpd.conf, the
SSLFakeBasicAuth is enabled. If it is loaded at another place,
such as the bottom of httpd.conf, it is not enabled.

IBM HTTP Server based on Apache HTTP Server 2.0 and later should
not need to have any ordering dependency.

Local fix

Problem summary

****************************************************************
* USERS AFFECTED:  Users of the "SSLFakeBasicAuth" directive   *
*                  in                                          *
*                  IBM HTTP Server.                            *
****************************************************************
* PROBLEM DESCRIPTION: SSLFakeBasicAuth seems to do nothing    *
*                      after configured, but works if you      *
*                      change the order of "LoadModule"        *
*                      directives in httpd.conf                *
****************************************************************
* RECOMMENDATION:  Apply this fix if SSLFakeBasicAuth          *
*                  directive is being used, is not taking      *
*                  effect and your  certificate-bearing users  *
*                  are receving 401 prompts.                   *
****************************************************************
SSLFakeBasicAuth is used to tie certificate-based authentication
into HTTP Basic Authentication configured in Apache, but
SSLFakeBasicAuth must run before the core of Apache
authentication to be effective.  The way SSLFakeBasicAuth used
the Apache API, it was undefined as to which module would run
first.

Problem conclusion

The feature was updated to always run before normal HTTP Basic
Authentication processing.

This fix is targeted for IHS fixpacks:
 - 7.0.0.27
 - 8.0.0.6
 - 8.5.0.2

Temporary fix

Comments

APAR Information

APAR number
PM70994
Reported component name
IBM HTTP SERVER
Reported component ID
5724J0801
Reported release
700
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2012-08-16
Closed date
2012-08-21
Last modified date
2012-10-02

APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:

Fix information

Fixed component name
IBM HTTP SERVER
Fixed component ID
5724J0801

Applicable component levels

R700 PSY
UP
R800 PSY
UP
R850 PSY
UP

Rate this page:

(0 users)Average rating

Copyright and trademark information

IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.

Document information

IBM HTTP Server

Runtime

Software version:
7.0

Reference #:
PM70994

Modified date:
2012-10-02

PM70994: SSLFAKEBASICAUTH DEPENDS ON LOADMODULE ORDER

Fixes are available

Subscribe

APAR status

Closed as program error.

Error description

Local fix

Problem summary

Problem conclusion

Temporary fix

Comments

APAR Information

APAR number

Reported component name

Reported component ID

Reported release

Status

PE

HIPER

Special Attention

Submitted date

Closed date

Last modified date

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Fix information

Fixed component name

Fixed component ID

Applicable component levels

R700 PSY

R800 PSY

R850 PSY

Rate this page:

Copyright and trademark information

Rate this page:

Add comments

Document information

Translate my page

Content navigation

Footer links