Direct link to fix
APAR status
Closed as program error.
Error description
When using WebSphere Commerce, typically concurrent access by the same user is blocked by the application. In cases where Single-Sign-On (SSO) is enabled, an LTPA token is used to allow users to access the system without a logon. In this case the application cannot block a user who access the system concurrently, as the SSO token will automatically re-logon the user into the system.
Local fix
Problem summary
USERS AFFECTED: WebSphere Commerce users on v7.0 who have SSO enabled and want to prevent users from logging into the system concurrently. PROBLEM ABSTRACT: Concurrent WebSphere Commerce users are not automatically logged off when Single-Sign-On is enabled. BUSINESS IMPACT: Users may find that they are not logged off the system automatically in cases of concurrent use. RECOMMENDATION:
Problem conclusion
When concurrent access is detected by WebSphere Commerce the ability to optionally remove the LTPA token has been added. When enabled, the session is cleared for the user, including their LTPA token. This should prevent the user from being able to re-access the website without needing to explicitly re-logon. This option should only be used when WC is configured to generate LTPA tokens. In order to prevent the same user from concurrently logging on to WebSphere Commerce when WebSphere Commerce is configured to generate LTPA tokens at logon time, please add an attribute named "SSOConcurrentLogon" to the MemberSubSystem/Directory element in wc-server.xml, and set the value to 0. For example: <Directory EntryFileName="ldap/ldapentry.xml" MigrateUsersFromWCSdb="ON" SingleSignOn="1" SSOConcurrentLogon="0" display="false"/> ------------------------------------------------------------- The latest available maintenance information can be obtained from the Recommended Fixes for WebSphere Commerce technote: http://www.ibm.com/support/docview.wss?rs=3046&uid=swg21261296
Temporary fix
Comments
APAR Information
APAR number
JR40368
Reported component name
WC BUS DEV ED W
Reported component ID
5724I3900
Reported release
700
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2011-08-11
Closed date
2011-10-31
Last modified date
2011-10-31
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WC BUS DEV ED W
Fixed component ID
5724I3900
Applicable component levels
R700 PSY
UP
[{"Business Unit":{"code":"BU055","label":"Cognitive Applications"},"Product":{"code":"SSYT2H","label":"WebSphere Commerce Developer Enterprise"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.0","Line of Business":{"code":"LOB31","label":"WCE Watson Marketing and Commerce"}}]
Document Information
Modified date:
07 December 2021