APAR status
Closed as program error.
Error description
Error Message: javax.security.sasl.SaslException: DIGEST-MD5: server did not specify cipher to use for 'auth-conf' . Stack Trace: javax.security.sasl.SaslException: DIGEST-MD5: server did not specify cipher to use for 'auth-conf'at com.ibm.security.sasl.digest.DigestMD5Client.checkStrengthSuppor t(DigestMD5Client.java:446)at com.ibm.security.sasl.digest.DigestMD5Client.checkQopSupport(Dig estMD5Client.java:420)at com.ibm.security.sasl.digest.DigestMD5Client.evaluateChallenge(D igestMD5Client.java:216) . This may happen when client requested QOP is different from the server's
Local fix
Use the same QOP on client and server side.
Problem summary
When client requested and server supported QOP are different, the client may not use the negotiated QOP
Problem conclusion
A fix is made to IBMSASL provider to use negotiated QOP, or throw exception when there is no QOP match between client and serverThe associated Hursley RTC Problem Report is 67848The associated Hursley CMVC defect is 202278The associated Austin CMVC defect is 115676The associated Austin APAR is IV61523JVMs affected: Java 5.0, Java 6.0, Java 626, Java 7.0 and Java 727The fix was delivered for Java 5.0 SR16FP7, Java 6.0 SR16FP1, Java 626 SR8FP1, Java 7.0 SR7FP1 and Java 727 SR1FP1The affected jar is "ibmsaslprovider.jar".The build level of this jar for the affected releases is "20140613" . This APAR will be fixed in the following Java Releases: 7 SR7 FP1 (7.0.7.1) 7 R1 SR1 FP1 (7.1.1.1) 5.0 SR16 FP7 (5.0.16.7) 6 SR16 FP1 (6.0.16.1) 6 R1 SR8 FP1 (6.1.8.1) . Contact your IBM Product's Service Team for these Service Refreshes and Fix Packs. For those running stand-alone, Java maintenance is available from: https://www.ibm.com/developerworks/java/jdk/
Temporary fix
Comments
APAR Information
APAR number
IV61568
Reported component name
SECURITY
Reported component ID
620700125
Reported release
260
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2014-06-16
Closed date
2014-06-23
Last modified date
2014-06-23
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
SECURITY
Fixed component ID
620700125
Applicable component levels
R260 PSY
UP
R600 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"260","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]
Document Information
Modified date:
07 December 2020