Fixes are available
8.5.5.1: WebSphere Application Server V8.5.5 Fix Pack 1
8.5.5.2: WebSphere Application Server V8.5.5 Fix Pack 2
8.5.5.3: WebSphere Application Server V8.5.5 Fix Pack 3
8.5.5.4: WebSphere Application Server V8.5.5 Fix Pack 4
8.5.5.5: WebSphere Application Server V8.5.5 Fix Pack 5
8.5.5.6: WebSphere Application Server V8.5.5 Fix Pack 6
8.5.5.7: WebSphere Application Server V8.5.5 Fix Pack 7
8.5.5.8: WebSphere Application Server V8.5.5 Fix Pack 8
8.5.5.9: WebSphere Application Server V8.5.5 Fix Pack 9
8.5.5.10: WebSphere Application Server V8.5.5 Fix Pack 10
8.5.5.11: WebSphere Application Server V8.5.5 Fix Pack 11
8.5.5.12: WebSphere Application Server V8.5.5 Fix Pack 12
8.5.5.13: WebSphere Application Server V8.5.5 Fix Pack 13
8.5.5.14: WebSphere Application Server V8.5.5 Fix Pack 14
8.5.5.15: WebSphere Application Server V8.5.5 Fix Pack 15
8.5.5.14: WebSphere Application Server V8.5.5 Fix Pack 14
APAR status
Closed as program error.
Error description
When sessions are set programmatically, WebSphere Application Server will ignore JSESSIONIDs which are shorter than the expected length, and, if necessary, create one itself. This can cause unexpected behavior in the application code.
Local fix
N/A
Problem summary
**************************************************************** * USERS AFFECTED: IBM WebSphere Application Server Version * * 7, 8, and 8.5 users. * **************************************************************** * PROBLEM DESCRIPTION: The session manager may not process * * the correct session cookie when there * * are multiple session cookies and one * * of the cookies is of invalid length. * **************************************************************** * RECOMMENDATION: * **************************************************************** Some applications may set a cookie which interferes with the session manager. Incorrect setting of a session cookie may lead to invalid session processing and unexpected application behavior.
Problem conclusion
Setting a session cookie should be left to the session manager; however, code changes were made to the session manager to ensure that all cookies are processed even when an invalid cookie is found. The fix for this APAR is currently targeted for inclusion in fix packs 7.0.0.26, 8.0.0.6 and 8.5.0.2. Please refer to the Recommended Updates page for delivery information: http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
Temporary fix
Comments
APAR Information
APAR number
PM89885
Reported component name
LIBERTY PROFILE
Reported component ID
5724J0814
Reported release
850
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2013-05-28
Closed date
2013-05-28
Last modified date
2013-05-28
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
LIBERTY PROFILE
Fixed component ID
5724J0814
Applicable component levels
R850 PSY
UP
Document Information
Modified date:
12 January 2022