Fixes are available
19.0.0.3: WebSphere Application Server Liberty 19.0.0.3
19.0.0.4: WebSphere Application Server Liberty 19.0.0.4
19.0.0.5: WebSphere Application Server Liberty 19.0.0.5
19.0.0.6: WebSphere Application Server Liberty 19.0.0.6
19.0.0.7: WebSphere Application Server Liberty 19.0.0.7
19.0.0.8: WebSphere Application Server Liberty 19.0.0.8
19.0.0.9: WebSphere Application Server Liberty 19.0.0.9
19.0.0.10: WebSphere Application Server Liberty 19.0.0.10
19.0.0.11: WebSphere Application Server Liberty 19.0.0.11
19.0.0.12: WebSphere Application Server Liberty 19.0.0.12
20.0.0.1: WebSphere Application Server Liberty 20.0.0.1
20.0.0.2: WebSphere Application Server Liberty 20.0.0.2
20.0.0.3: WebSphere Application Server Liberty 20.0.0.3
20.0.0.4: WebSphere Application Server Liberty 20.0.0.4
20.0.0.5: WebSphere Application Server Liberty 20.0.0.5
APAR status
Closed as program error.
Error description
When dynamically removing all authzParameter or tokenParameter elements from a Liberty server configured to act as an OpenID Connect client, the formerly configured values will continue to be forwarded in their respective requests.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: All users of IBM WebSphere Application * * Server Liberty - OpenID Connect client * **************************************************************** * PROBLEM DESCRIPTION: OpenID Connect client authzParameter * * and tokenParameter values not updated * * when dynamically removed from server * * configuration * **************************************************************** * RECOMMENDATION: * **************************************************************** When dynamically removing all authzParameter or tokenParameter elements from a Liberty server configured to act as an OpenID Connect client, the formerly configured values will continue to be forwarded in their respective requests even after the reconfiguration completes.
Problem conclusion
The authzParameter and tokenParameter values are now correctly re-initialized each time the OpenID Connect client configuration is modified regardless of whether the elements were present before or after the modification. The fix for this APAR is currently targeted for inclusion in fix pack 19.0.0.3. Please refer to the Recommended Updates page for delivery information: http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
Temporary fix
Comments
APAR Information
APAR number
PH09651
Reported component name
LIBERTY PROFILE
Reported component ID
5724J0814
Reported release
CD0
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2019-03-12
Closed date
2019-03-21
Last modified date
2019-03-21
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
LIBERTY PROFILE
Fixed component ID
5724J0814
Applicable component levels
RCD0 PSY
UP
Document Information
Modified date:
17 October 2021