Skip to Main Content
Cloud Platform


This is an IBM Automation portal for Cloud Platform products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.


ADD A NEW IDEA

WebSphere traditional

Showing 31

Provide property to allow skipping of group membership lookup during login

We see a 20-120 second delay during login to our BAW (Business Automation Workflow) application which uses WebSphere 8.5.5.xTrace indicates the time is consumed before ever reaching the application, by WebSphere security code doing full traversal ...
2 months ago in WebSphere traditional 0 Future consideration

Allow IBM HTTP Server behind a proxy/LB that performs SSL offloading to become aware that the original request uses https

In a situation where IHS is behind another proxy/LB that performs SSL offloading, it would be beneficent to implement a behavior similar to WAS, to check a http header defined by the web container custom property 'httpsIndicatorHeader' to know tha...
4 months ago in WebSphere traditional 0 Future consideration

AES256 product enhancement for twas on password encoding

twas 8.5.5 and twas 9 doesnt have support for AES-256 encryption of passwords. Presently supports only AES-128 encryption. Need help to enhance this password encryption/encoding of AES to 256 bits/keylength. https://www.ibm.com/docs/en/was/9.0.5?t...
7 months ago in WebSphere traditional 1 Future consideration

Support for Cookies Having Independent Partitioned State (CHIPS)

Chrome browser is planning to disable the third party cookies https://developers.google.com/privacy-sandbox/3pcd Our application run as third-party application inside an iframe on an external application and our application Uses SPNGEO authenticat...
12 months ago in WebSphere traditional 0 Future consideration

To support AES-256 password encryption in traditional WebSphere

As per this link https://www.ibm.com/docs/en/was/9.0.5?topic=files-encrypting-passwords-by-using-aes , WAS only supports AES-128 encryption. My customer's security standard requires AES-256 at the minimum.
about 1 year ago in WebSphere traditional 0 Future consideration

Consider to support OAuth2 modern authentication for Mail Sessions in WebSphere Administrative Console

In my organization we're migrating e-mail to Office 365, and Microsoft is deprecating basic authentication (username/password) for email accounts. Instead they are encouraging us to use modern authentication using Client ID, ID tenant... and so. I...
almost 2 years ago in WebSphere traditional 0 Future consideration

Observed a negative value for %D and a dash(-) for %{R}W in the NCSA access log

In the customer's WASv8.5.5.20 system, they have observed a negative value for %D and a dash(-) for %{R}W in the NCSA access log. Referring the WAS code, it just subtract System.currentTimeMillis from the previous System.currentTimeMillis. We were...
about 2 years ago in WebSphere traditional 0 Future consideration

Remove the compromised ciphers from the Strong list in the Cipher suite settings for SSL

Some of the Cipher Suites in the Strong group are not "strong" anymore as have been compromised by attacks like "ROBOT". We think that they should not be included as default as "Strong" ciber-suites.
over 2 years ago in WebSphere traditional 0 Future consideration

Enhancement required in auditing framework to include below changes done through admin console.

We are sending websphere audit log to SEIM to identify critical events. During the testing we identified the below security configurations done through websphere console is not getting audited and not part of audit log. a) Disabling Global Sec...
over 2 years ago in WebSphere traditional 0 Future consideration

The metrics endpoint should report basic status information about the cell, applications and JVMs similarly to what is shown in the dmgr

As a WAS admin using prometheus for JVM monitoring, I'd like an exposed GAUGE metric that tells me the status of various things from the Deployment Manager perspective: - List the Deployment Manager Cell info, Node info, WAS version. - List all t...
over 2 years ago in WebSphere traditional 0 Future consideration