Friday, August 8, 2014

SECJ0371W: Validation of the LTPA token failed

WebSphere Portal received a request with an expired or otherwise invalid LTPA token for which it needed to generate one or more URLs. By default, the LTPA token timeout is two hours. This timeout is encoded into the token itself. With the default settings, this condition could occur if someone logged in and worked in WebSphere Portal for longer than two hours.

Check your SystemOut.log for :

at com.ibm.wps.util.HttpUtils.validateLTPATokenCookies(HttpUtils.java:458)
at com.ibm.wps.auth.extensions.impl.ExtendedAuthenticationServiceImpl.isUserLoggedIn(ExtendedAuthenticationServiceImpl.java:136)
at com.ibm.wps.state.accessors.url.EngineURLOnRequest.isProtected(EngineURLOnRequest.java:371)
at com.ibm.wps.state.accessors.url.EngineURLOnRequest.reset(EngineURLOnRequest.java:450)
atcom.ibm.wps.state.accessors.url.URLAccessorFactoryExImpl.newURL(URLAccessorFactoryExImpl.java:319)

Such stack traces indicate that WebSphere Portal explicitly requests LTPA token validation from WebSphere Application Server during URL generation. This is by design.


You may either ignore the warning or suppress them. To suppress such warnings, set:

com.ibm.ws.security.ltpa.LTPAServerObject=severe

per the WebSphere Application Server InfoCenter section on Log level settings.


No comments:

Post a Comment