Fixes are available
IBM Tivoli Federated Identity Manager 6.2.0 fix pack 3 (6.2.0-TIV-TFIM-FP0003)
Tivoli Federated Identity Manager 6.2.0 Fixpack 8 (6.2.0-TIV-TFIM-FP0008)
Tivoli Federated Identity Manager 6.2.0 Fixpack 9 (6.2.0-TIV-TFIM-FP0009)
Tivoli Federated Identity Manager 6.2.0 Fixpack 13 (6.2.0-TIV-TFIM-FP0013)
APAR status
Closed as program error.
Error description
If an OP returns an OP-Identifier as the claimed identifier then the Relying-Party does not reject the login and allows authentication to succeed. The Replying-Party should reject the login. This issue affects only OpenID relying-party configurations during OP-identifier login.
Local fix
No workaround
Problem summary
When doing discovery of a claimed identifier after an OP-identifier login we now validate that the discovered information for the claimed identifier is not an OP identifier.
Problem conclusion
The fix for this APAR will be contained in the following maintenance packages: | fix pack | 6.2.0-TIV-TFIM-FP0002 |
Temporary fix
Comments
APAR Information
APAR number
IZ44571
Reported component name
TIV FED ID MGR
Reported component ID
5724L7300
Reported release
620
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2009-02-23
Closed date
2009-03-30
Last modified date
2009-05-05
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
TIV FED ID MGR
Fixed component ID
5724L7300
Applicable component levels
R620 PSY
UP
R600 PSN
UP
R610 PSN
UP
R611 PSN
UP
[{"Business Unit":{"code":"BU029","label":"Software"},"Product":{"code":"SSZSXU","label":"Tivoli Federated Identity Manager"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"620"}]
Document Information
Modified date:
29 December 2021