When IBM MDM Publisher is reinitialized in Kubernetes deployments, users are not prompted to log in again

Troubleshooting

Problem

With the IBM® MDM Publisher capability delivered with IBM® InfoSphere® Master Data Management is deployed on Kubernetes and the Publisher pod is reinitialized, such as a simple restart or complete teardown, then users are not prompted to log in again. This occurs because the Publisher pod does not invalidate existing JWT tokens. Any users with a valid JWT token remain logged in.

Cause

The JWT session token that is saved in the browser does not get invalidated even if the IBM® WebSphere® Libery Profile instance is destroyed and recreated. This occurs because the WebSphere® Libery Profile instance is using the same certificate after the restart that was used to issue the token. As a result, to WebSphere® Libery Profile, the JWT token is still valid. It continues to honor the expiration date that is embedded in the token.

Resolving The Problem

To invalidate all current sessions and force all users to log in again, you must create a new certificate to be used by the WebSphere® Libery Profile instance.

Document Location

Worldwide

[{"Line of Business":{"code":"LOB10","label":"Data and AI"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSWSR9","label":"IBM InfoSphere Master Data Management"},"ARM Category":[{"code":"a8m0z0000001gxXAAQ","label":"Product-Related"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"11.5.0;11.6.0"}]

Tips

When IBM MDM Publisher is reinitialized in Kubernetes deployments, users are not prompted to log in again

Troubleshooting

Problem

Cause

Resolving The Problem

Document Location

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?