APAR status
Closed as program error.
Error description
If CTXMGMT is cleared, and cookies are provided during a loginidentity call, WebSphere Commerce throws a 500 error and does not clear the cookies. When operating under interoperability mode (such as using session cookies for authentication), the REST framework should provide a way to distinguish session-related issues from other 500-code errors, so that at a minimum, clients can delete the session cookies from the cookie jar as a last resort.
Local fix
Problem summary
USERS AFFECTED: WebSphere Commerce Version 7 Feature Pack 8 users who use REST APIs with cookie-based session. PROBLEM ABSTRACT: 500 error loop if CTXMGMT is cleared BUSINESS IMPACT: End user cannot recover without manually clearing the cookies from client side. RECOMMENDATION:
Problem conclusion
For loginidentity and guestidentity REST APIs with updateCookies=true, when the token that corresponds to the cookies cannot be found from the database, the cookie is ignored and the REST service executes with a generic session. By using this method, the invalid cookies can be updated.
Temporary fix
Comments
APAR Information
APAR number
JR55476
Reported component name
WC BUS EDITION
Reported component ID
5724I3800
Reported release
700
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2016-03-07
Closed date
2016-03-25
Last modified date
2016-03-25
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WC BUS EDITION
Fixed component ID
5724I3800
Applicable component levels
R700 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSYSYL","label":"WebSphere Commerce Enterprise"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.0","Line of Business":{"code":"LOB31","label":"WCE Watson Marketing and Commerce"}}]
Document Information
Modified date:
11 December 2021