Fix (APAR):                IY99055

Status:                    Fix

Product:                   WBI

Release:                   6.0.2.1

Operating System:          All operating systems

Supersedes Fixes:          

Pre-requisite Fixes:       

Exclusive-requisite Fixes: 

CMVC Defect:               IY99055

Byte size of APAR:         14945309

Date:                      2007-05-29

Abstract:                  Failing J2EE authorization on WMM user registry setups.

Description/symptom of problem:

If Business Process Choreographer is installed on a WebSphere Application Server that uses the WebSphere Member Manager
User Registry plugged into the WebSphere Application Server Custom Registry plug-point, J2EE authorization used within the
Business Process Choreographer infrastructure applications may not work as expected. In the failure case, configured J2EE role
assignments will not get effective for some users, resulting in those users not having access to functionality protected by
the individual J2EE roles. This is implies this problem not being a security risk, but a functional problem resulting in some
users that should have access to the functionality actually will not it.

This fix modifies the J2EE application starting weight of the Business Process Choreographer infrastructure applications
from value 1 to 2 to achieve those applications being started after the WebSphere Member Manager application (being assigned
a starting weight of value 1). This allows the WebSphere Application Server security infrastructure to actually retrieve the
user and groups assigned to the individual J2EE roles during application initialization time.

Directions to apply fix:

1) Copy pak file to the directory maintenance in the UpdateInstaller directory

2) Shutdown WebSphere. It is important that you perform a controlled and complete shutdown of the server to ensure
   that all transactions have completed, before installing the fix.

3) Follow the Fix installation instructions that are packaged with the Fix Installer on how to install the Fix.

4a) For each stand-alone profile where you configured Business Process Choreographer do the following:

   1. Go to the <install_root>/ProcessChoreographer/config directory.
   2. Make sure that the application server where Business Process Choreographer is configured is stopped.
   3. Do one of the following:
          * On Windows, run the following command:
            ..\..\bin\wsadmin -conntype NONE -profileName <profileName< -f bpeupgrade.jacl
          * On UNIX and Linux, run the following command:
            ../../bin/wsadmin.sh -conntype NONE -profileName <profileName< -f bpeupgrade.jacl
      where <profileName> is the name of the profile for which the Business Process Choreographer configuration is to be upgraded.

4b) For each node in a network deployment (ND) environment where you configured Business Process Choreographer on a server that is
    not a cluster member do the following:

   1. Make sure that the deployment manager is running.
   2. Make that sure all of the application servers where Business Process Choreographer is to be upgraded are stopped.
   3. On the managed node, go to the <install_root>/ProcessChoreographer/config directory.
   4. Do one of the following:
          * On Windows, run the following command:
            ..\..\bin\wsadmin -profileName <profileName> -f bpeupgrade.jacl
          * On UNIX and Linux, run the following command:
            ../../bin/wsadmin.sh -profileName <profileName> -f bpeupgrade.jacl
      where <profileName> is the name of the profile for which the Business Process Choreographer configuration is to be upgraded.

4c) For each cluster in a network deployment (ND) environment where you configured Business Process Choreographer do the following:

   1. Make sure that the deployment manager is running.
   2. Make that sure all of the application servers where Business Process Choreographer is to be upgraded are stopped.
   3. On the deployment manager, go to the <install_root>/ProcessChoreographer/config directory.
   4. Do one of the following:
          * On Windows, run the following command:
            ..\..\bin\wsadmin -cluster <clusterName> -f bpeupgrade.jacl
          * On UNIX and Linux, run the following command:
            ../../bin/wsadmin.sh -cluster <clusterName> -f bpeupgrade.jacl
      where <profileName> is the name of the profile for which the Business Process Choreographer configuration is to be upgraded.

5) Restart WebSphere


Directions to remove fix:
NOTE:  FIXES MUST BE REMOVED IN THE ORDER THEY WERE APPLIED.  DO NOT REMOVE A FIX UNLESS
       ALL FIXES APPLIED AFTER IT HAVE FIRST BEEN REMOVED.  YOU MAY REAPPLY ANY REMOVED FIX.

Example:  If your system has fix1, fix2, and fix3 applied in that order and fix2 is to be
          removed, fix3 must be removed first, then fix2 may be removed

1) Shutdown WebSphere. It is important that you perform a controlled and complete shutdown of the server to ensure
   that all transactions have completed, before installing the fix.

2) Follow the Fix instructions that are packaged with the Fix Installer on how to uninstall and reinstall the Fix.

3) Restart WebSphere

Directions to re-apply fix:

1) Shutdown WebSphere. It is important that you perform a controlled and complete shutdown of the server to ensure
   that all transactions have completed, before installing the fix.

2) Follow the Fix instructions that are packaged with the Fix Installer on how to uninstall and reinstall the Fix.

3) Restart WebSphere


Additional Information: