APAR status
Closed as program error.
Error description
SECJ0053E:
Authorization failed for DUOSHARE/afake while invoking (Home)
com/ds/ejb/User PMInternalFinder_Local(java.lang.Object):4
securityName: DUOSHARE/afake;accessID:
user:DUOSHARE/S-1-5-21-507921405-
854245398-725345543-1150 is not granted any of the required
roles:
Developer minor code: 0 completed: No
the
"non-developer" has certain rights to both BeanA and BeanB. For
the
purposes of this example, the "non-developer" has rights to
read
the
beans,
but not update, create, or delete them. The subject was given
access to
the
getBeanA method in BeanB, and also to the findByPrimaryKey
method for
BeanA.
The subject can successfully directly access both BeanA and
BeanB. But,
the
subject cannot invoke the relationship 2.0 methods when
granular
security is
described on the beans. The only way the relationship method
BeanB.getBeanA() works is to give total rights to BeanA using *
which allows creating, updating, deleting)
Local fix Problem summary
****************************************************************
* USERS AFFECTED: CMP2.0 Enterprise Bean Developers who set *
* global security for Container Managed *
* Relationships *
****************************************************************
* PROBLEM DESCRIPTION: Security Exception is thrown when *
* invoking Container Managed *
* Relationship. *
* SECJ0053E: Authorization *
* failed for <user> while *
* invoking (Home)<BeanName> *
* PMInternalFinder_Local. *
****************************************************************
* RECOMMENDATION: *
****************************************************************
Security Exception, SECJ0053E: Authorization failed for <user>
while invoking (Home)<BeanName> PMInternalFinder_Local, is
thrown incorrectly for an internal method.
Problem conclusion
To prevent security exception, logic was enhanced to correct
this scenerio.
Temporary fix
PMR19387.jar sent to customer.
Comments
APAR information |
APAR number |
PQ90079 |
Reported component name |
WAS BASE 5.0 |
Reported component ID |
5630A3600 |
Reported release |
00W |
Status |
CLOSED PER |
PE |
NoPE |
HIPER |
NoHIPER |
Special Attention |
NoSpecatt |
Submitted date |
2004-06-11 |
Closed date |
2004-06-30 |
Last modified date |
2004-06-30 |
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Modules/Macros
Publications Referenced
Applicable component levels |
R003 PSY |
UP |
R00A PSY |
UP |
R00H PSY |
UP |
R00I PSY |
UP |
R00P PSY |
UP |
R00S PSY |
UP |
R00W PSY |
UP |
R103 PSY |
UP |
R10A PSY |
UP |
R10H PSY |
UP |
R10I PSY |
UP |
R10P PSY |
UP |
R10S PSY |
UP |
R10W PSY |
UP |
|