APAR status
Closed as program error.
Error description
In NTLM once authentication has succeeded the auth status is associated with the open socket, meaning that when the socket is re-used it is not necesary to perform the full NTLM handshake for every request. However after applying APAR IT36261 whcih was included in App Connect Enterprise version 12.0.2.0 every request performs a full NTLM handshake. In some instances, particularly when the target service is deployed in Microsoft Azure, this can cause the target service to misinterpret this as a denial of service attack and drop further connections.
Local fix
Problem summary
**************************************************************** USERS AFFECTED: All user of App connect Enterprise running versions later then 12.0.2.0 using Integrated Windows Authentication (IWA) outbound with HTTP, SOAP or REST Request nodes on the Windows platform. Platforms affected: Windows on x86-64 platform **************************************************************** PROBLEM DESCRIPTION: In NTLM once authentication has succeeded the auth status is associated with the open socket, meaning that when the socket is re-used it is not necessary to perform the full NTLM handshake for every request. However after applying APAR IT36261 which was included in App Connect Enterprise version 12.0.2.0 every request performs a full NTLM handshake. In some instances, particularly when the target service is deployed in Microsoft Azure, this can cause the target service to misinterpret this as a denial of service attack and drop further connections.
Problem conclusion
The authentication status is now cached on the connection level for outbound connections preventing this issue from occurring. --------------------------------------------------------------- The fix is targeted for delivery in the following PTFs: Version Maintenance Level v12.0 12.0.12.0 The latest available maintenance can be obtained from: http://www-01.ibm.com/support/docview.wss?rs=849&uid=swg27006041 If the maintenance level is not yet available,information on its planned availability can be found on: http://www-1.ibm.com/support/docview.wss?rs=849&uid=swg27006308 ---------------------------------------------------------------
Temporary fix
Comments
APAR Information
APAR number
IT40732
Reported component name
APP CONNECT ENT
Reported component ID
5724J0560
Reported release
C00
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2022-04-25
Closed date
2024-01-30
Last modified date
2024-01-30
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
APP CONNECT ENT
Fixed component ID
5724J0560
Applicable component levels
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSDR5J","label":"IBM App Connect Enterprise"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"C00","Line of Business":{"code":"LOB67","label":"IT Automation \u0026 App Modernization"}}]
Document Information
Modified date:
30 January 2024