Skip to Main Content
Cloud Platform


This is an IBM Automation portal for Cloud Platform products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (https://ideas.ibm.com).


Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.


Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal (https://www.ibm.com/ideas) - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal (https://ideas.ibm.com) - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM.

ideasibm@us.ibm.com - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.


ADD A NEW IDEA

WebSphere traditional

Showing 32

Enable Account Lockout after 3 failed logins

Passwords are prune to Bruteforce attacks, an attacker can easily brute force the passwords as the password policy is weak andallows simple alpha numeric characters without any restriction of password length e.g.: admin, passetc.Account lockout me...
over 6 years ago in WebSphere traditional 2 Future consideration

WebSphere Audit Functionality

Using the Audit feature we want to be able to log any type of configuration change.What was the change, at what time and with what userid.Currently the only filter that allows that is “RESOURCE_ACCESS:SUCCESS ”, the problem is that it logs everyth...
over 7 years ago in WebSphere traditional 1 Future consideration

Support for the SAN attribute in the CSR request when using wsadmin or the WAS admin console.

We want to be able to use the SAN attribute in PKI keys/certificates. This is needed to pass host verification during the TLS handshake if the certificate is to be used by processes on different hosts, e.g., multiple WAS application server process...
over 7 years ago in WebSphere traditional 1 Future consideration

cryptic exception when session max count exceeded

when WAS ND (v8.5.5.10) has a session setting to limit max HTTP sessions per JVM and that limit is crossed a cryptic exception is being thrown. it took 8 hours for IBM team to understand the real cause.
about 8 years ago in WebSphere traditional 0 Future consideration

WebSphere should offer StartTLS support when connecting to LDAP server for authentication

When configuring WebSphere for LDAP authentication, if you select "use SSL", this forces WebSphere to establish an LDAPS connection with the LDAP server (port 636 by default). This is an outdated mechanism. LDAP v3 defines the StartTLS extension, ...
about 8 years ago in WebSphere traditional 0 Future consideration

Add feature to make WAS present SSL ciphers in order of strength

As the title says, Add a feature to WAS to present in order of strength the SSL ciphers configured to the clients connecting to WAS, regardless of what the client wants to enforce, as IHS (apache) does via the setting "SSLHonorCipherOrder on" or a...
about 8 years ago in WebSphere traditional 0 Future consideration

[jaxws] implements polymorphism for exceptions raised by jaxws servers

[JAX-WS] On server side, sub classes of exceptions declared in soap methods signatures when raised at runtime are not interpreted as if they were listed exceptions but treated as if they are undeclared exceptions (therefore in the soap fault the d...
over 9 years ago in WebSphere traditional 1 Future consideration

SOAP request SAML assertion is not functional by default on WAS.

When a SOAP SAML request which contains a full blown SAML assertion in it is sent over as an http post to WAS, it doesn't process the SAML assertion. Out of the box there is a WEB SSO TAI which can process a SAML assertion provided all the SAML as...
over 9 years ago in WebSphere traditional 1 Future consideration

WS-Security policy set bindings don't work with Web SSO global security

State Farm secures all their web resources in their WAR modules, so nothing is left unsecured. We have a JAX-WS web service endpoint. This is also apparently secured by the Web module security. We have WS-Security specific policy sets defined on t...
over 9 years ago in WebSphere traditional 1 Future consideration

Perform host name verification for SSL channels

On WAS 7 server deployed JavaEE application which acting as web service client (JAX-WS) and communicating with web service over HTTPS (SSL channel). When web service client made connection to target server, the common name (CN) from the server cer...
about 10 years ago in WebSphere traditional 1 Future consideration