IBM Support

PH15201: ADMIN CONSOLE LOGIN PAGE DOES NOT SHOW IMAGES CORRECTLY AFTER AUTHENTICATION SETTING IS CHANGED TO NON-DEFAULT OPTION

Fixes are available

9.0.5.2: WebSphere Application Server traditional Version 9.0.5 Fix Pack 2
9.0.5.3: WebSphere Application Server traditional Version 9.0.5 Fix Pack 3

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Env: WAS 9.0.0.11, Linux.

If customer enable web Security as:


Admin console> Security> web and SIP security -> general
settings -> enabled Authenticate when any URI accessed and also
check the box Default to basic authentication when certificate
authentication for the HTTPS client fails that is causing the
issue.

The console login page did not show images correctly.

Local fix

  • 



Problem summary


    

  • ****************************************************************
* USERS AFFECTED:  All users of IBM WebSphere Application      *
*                  Server                                      *
****************************************************************
* PROBLEM DESCRIPTION: Adminconsole login panel does not show  *
*                      images correctly when                   *
*                      "Authenticate when any URI              *
*                      is accessed" is set                     *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
Adminconsole images and other files are incorrectly denied
access due to the authentication setting.

    



Problem conclusion


    

  • The GUI controls for adminconsole login panel were
incorrectly
handled as protected resources when "Authenticate when any
URI
is accessed" is set. The bug was fixed.

The fix for this APAR is currently targeted for inclusion in
fix pack 9.5.0.2.  Please refer to the Recommended Updates
page for delivery information:
http://www.ibm.com/support/docview.wss?
rs=180&uid=swg27004980

    



Temporary fix


    

  • Try default setting : "Authenticate only when the URI is
protected" along with "Use available authentication data
when
an unprotected URI is accessed".  This setting is usually
better in performance and achieve the same goal.

    



Comments


    

  • 



APAR Information




    

  • APAR number
    PH15201
    • 

  • Reported component name
    WEBS APP SERV N
    • 

  • Reported component ID
    5724H8800
    • 

  • Reported release
    900
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2019-08-01
    • 

  • Closed date
    2019-10-09
    • 

  • Last modified date
    2019-10-09
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    WEBS APP SERV N
    • 

  • Fixed component ID
    5724H8800
    • 



Applicable component levels


    

  • R900  PSY
       UP
    • 








      
              
                            

              

              [{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"9.0","Line of Business":{"code":"LOB45","label":"Automation"}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            01 November 2021
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback