APAR status
Closed as program error.
Error description
HTTP user authentication failures are not logged. Only the HTTP 401 response is captured in the Perimeter.log when the logging level is set to DEBUG. Nothing is stored in the ACT_SESSION and in the ACT_AUTHENTICATE table.
Local fix
STRRTC - B2BISFG-53991 JW / JW Circumvention: <None / workaround>
Problem summary
Users Affected: All Problem Description: HTTP user authentication failures are not logged. Only the HTTP 401 response is captured in the Perimeter.log when the logging level is set to DEBUG. Nothing is stored in the ACT_SESSION and in the ACT_AUTHENTICATE table. Platforms Affected: All
Problem conclusion
Resolution Summary: A code fix is provided. The HTTP Server Adapter now posts visibility events (Connection and Authentication) for failed HTTP authentication activity in addtion to login failures already reported in Authentication.log and Securtiy.log files Please note that login failures have always been reported in the Authentication.log (although only username and failure message is reported). In addition, the Securtiy.log captures all login (successful and unsuccessful) activity (provided the Security.log debugging level is set to DEBUG) The Authentication.log captures only the username and cause, but not the protocol (enable under "User Authentication" in Admin UI) [<timestamp>] ALL SecurityManager user:<username> authorization FAILED - <cause> In addition, the Security.log reports successful and unsuccessful Security Events when the logging level is set to DEBUG. (enable under "Security" in Admin UI) Delivered in: 5020603_16 5020605_4
Temporary fix
Comments
APAR Information
APAR number
IT34484
Reported component name
STR B2B INTEGRA
Reported component ID
5725D0600
Reported release
526
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2020-10-08
Closed date
2021-04-13
Last modified date
2021-05-17
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
STR B2B INTEGRA
Fixed component ID
5725D0600
Applicable component levels
[{"Line of Business":{"code":"LOB59","label":"Sustainability Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS3JSW","label":"IBM Sterling B2B Integrator"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.2.6"}]
Document Information
Modified date:
18 May 2021