Websphere session error after CLM logout - login
Using CLM as a administrator (admin). Then "logout", the login window appears. Login as another user (user). The last used screen appears.
When using any Link, the following error message appears: Error 500: com.ibm.websphere.servlet.session.UnauthorizedSessionRequestException: SESN0008E: A user authenticated as user:defaultWIMFileBasedRealm/CN=user,OU=P,OU=Useraccounts,OU=A,DC=B,dc=C,dc=com has attempted to access a session owned by user:defaultWIMFileBasedRealm/CN=admin,OU=P,OU=Useraccounts,OU=A,DC=B,dc=C,dc=com. Any idea why this happens? It seems that the session is not terminated when logging out. Using CLM 4.0.1 with Websphere 8.0.0.5 and Win 2008R2 SP1 (Federated LDAP) |
Accepted answer
Enable the fix on WebSphere Application Server (8.0.0.3+) by adding a custom session manager property. Click Application servers > server1 > Session management > Custom properties and add the
InvalidateOnUnauthorizedSessionRequestException = true
custom property.
See jazz.net WI: https://jazz.net/jazz/web/projects/Jazz%20Foundation#action=com.ibm.team.workitem.viewWorkItem&id=190040 Dieter Paul selected this answer as the correct answer
Comments
Dieter Paul
commented Mar 21 '13, 3:37 a.m.
Thank youSandy for the answer. It solves the problem for me.
|
2 other answers
This seems to be working correctly, in that Jazz is not letting the "new" user access anything using the credentials of the older user. So that sounds correct. Is the issue here that the old session is not cleared away, and that the new user doesn't start out on their own "launch" page? I have seen strange behavior when I am logged out by a time out - essentially because I leave a dashboard up overnight. Since Jazz tries to update the dashboard, it forces me to reauthenticate. When I do reauthenticate, I often see strange window behavior until I hit the refresh button, or until I navigate to a different screen.,
Comments 1
Dieter Paul
commented Jan 16 '13, 8:06 a.m.
>> Is the issue here that the old session is not cleared away, and that the new user doesn't start out on their own "launch" page?
1
Dieter Paul
commented Jan 16 '13, 8:37 a.m.
I made some further tests.
Sergio Cedillo
commented Feb 08 '13, 7:32 p.m.
Dan, Paul,
Same thing is happening to me, however, in my case it only happens with RM
application. Not with JTS or QM, only with RM. Also using federated LDAP
The message is the same:
"Error 500: com.ibm.websphere.servlet.session.UnauthorizedSessionRequestException: SESN0008E: A user authenticated as anonymous has attempted to access a session owned by user:was-server.svr-domain.mx:10389/cn=Administrador Plataforma Jazz+sn=Administrador+uid=jazzadmin,ou=users,ou=system."
or
"UnauthorizedSessionRequestException: SESN0008E: A user authenticated as anonymous has attempted to access a session owned by user"
My admin userid is: jazzadmin
I'm using CLM 4.0.1 on SuSE Linux 11, WAS8.0.0.3
it only happens when logging out. Actually looks like not really logging out,
it keeps the session open if I go back with the browser.
Any idea or help would be appreciated!
|
Please try clearing the browser cookies or use a different supported browser.
|
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.