Fixes are available
APAR status
Closed as program error.
Error description
The value for the OpenID Connect session cookie, OIDCSESSIONID, is only about 9 random numeric characters. Some administrators want this value to be longer.
Local fix
n/a
Problem summary
**************************************************************** * USERS AFFECTED: All users of IBM WebSphere Application * * Server * **************************************************************** * PROBLEM DESCRIPTION: The value for the OIDC session cookie * * is only about 9 random numeric * * characters. This value could be * * longer. * **************************************************************** * RECOMMENDATION: Install a fix pack or interim fix that * * contains this APAR. * **************************************************************** The value for the OpenID Connect (OIDC) trust association interceptor (TAI) session cookie, OIDCSESSIONID, is only about 9 random numeric characters. Some administrators want this value to be longer.
Problem conclusion
The OIDC TAI has a random value calculator that produces a long random value, then runs that value through a reducer to preseve cookie 'space'. The OIDC TAI is updated so that the value for the session cookie is not run through the ruducer and results in a session cookie value that is about 44 mixed-case alpha numeric characters. For instance: 19184QffcDIVgp5KgkeLC3/RSLyf8nS75Dtt4GyQaYw=. The fix for this APAR is targeted for inclusion in fix packs 8.5.5.18 and 9.0.5.5. For more information, see 'Recommended Updates for WebSphere Application Server': https://www.ibm.com/support/pages/node/715553
Temporary fix
Comments
APAR Information
APAR number
PH25774
Reported component name
WEBS APP SERV N
Reported component ID
5724H8800
Reported release
900
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2020-05-26
Closed date
2020-06-30
Last modified date
2020-07-30
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WEBS APP SERV N
Fixed component ID
5724H8800
Applicable component levels
R850 PSY
UP
R900 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"9.0","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
06 December 2021