IY99194: SSUI CHANGE THE CODE TO EXTEND SELF-CARE FOR DIRECT EXPIRED PASSWORD ENTRY.

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • =================================================
    Title: Apar to extend self-care for direct expired password
    entry.
    Problem description:
    
    
    
    
    
    
    Customer would like to use TAM for authorization and TIM
    for all pwd mgmt
    changes (including challenge response functionality)
    User authenticates to TAM and their TAM password has expired
    (either at
    1st login .. or after normal pw expiration period):
    
    Customer would like to forward request over to TIM and
    have TIM prompt for
    expired password. (rather than changing pw in TAM)
    Currently:  TAM can be setup to foward to TIM...but will only
    forward t
    
    un-secure junction.  Currently the user would have to login to
    TIM and
    then go to change password
    Would like for us to provide a URL in SSUI where the UID would
    be
    passed in...and we would directly bring up the expired password
    panel.
    They would be required to enter old and new password.   Only
    concern
    here is that this URL would give hackers a method to determine
    if they
    guessed the correct UID. (not a concern for the customer
    scenario in their
    network security however...thus this URL might need to be a
    property an
    off by default.)  In the case of 1st time login...they want to
    be able
    to enter the challenge response questions too.
    
    Customer Recreate:
    
    Yes.
    
    
    Desired behavior:
    
    ITIM self-service direct password entry URL provided.
    This feature is unavailable when TIM is configured for SSO.
    

Local fix

  • n/a
    

Problem summary

Problem conclusion

  • This fix for this APAR is contained in the
    following maintenance packages:
    | fix pack | 4.6.0-TIV-TIM-FP0048
    

Temporary fix

Comments

APAR Information

  • APAR number

    IY99194

  • Reported component name

    IBM TIV ID MGR

  • Reported component ID

    5724C3403

  • Reported release

    460

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2007-05-25

  • Closed date

    2007-06-27

  • Last modified date

    2007-10-15

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Modules/Macros

  • SSUI
    

Fix information

  • Fixed component name

    IBM TIV ID MGR

  • Fixed component ID

    5724C3403

Applicable component levels

  • R460 PSY

       UP



Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

IBM Security Identity Manager

Software version:

460

Reference #:

IY99194

Modified date:

2007-10-15

Translate my page

Machine Translation

Content navigation