APAR status
Closed as program error.
Error description
ion server occasionally fails to start with
the following security exceptions.
ERROR DESCRIPTION:
Nodeagent SystemOut.log:
"[6/1/04 12:47:51:010 CDT] 39184c RoleBasedAuth E SECJ0306E:
No received or invocation credential exist on the thread. The
Role based authorization check wil l not have an accessId of
the caller to check. The parameters are: access check method
propagateNotifications:[Ljavax.management.Notification; on
resource Not ificationService and module NotificationService.
The stack trace is java.lang.Exception: dump thread stack for
debugging
...
[6/1/04 12:47:51:010 CDT] 39184c RoleBasedAuth
E SECJ0306E: No received or invocation credential exist on
the thread. The Role based authorization check wil l not have
an accessId of the caller to check. The parameters are:
access check method
propagateNotifications:[Ljavax.management.Notification; on
resource Not ificationService and module NotificationService.
The stack trace is java.lang.Exception: dump thread stack for
debugging
..."
AppServer SystemOut.log:
"[6/1/04 12:49:47:427 CDT] 115152 RoleBasedAuth A SECJ0305I:
Role based authorization check failed for security name
<null>, accessId UNAUTHENTICATED while invoking method
executeBatchedOperations on resource NameServer and module
/com/ibm/ws/naming/bootstrap/xml/NameServer.xml.
[6/1/04 12:49:47:571 CDT] 115152JBContainerI I WSVR0047E:
Batch naming operation failed : not authorized to perform
executeBatchedOperations operation...
Local fix
Restart the application server.
Problem summary
****************************************************************
* USERS AFFECTED: All WebSphere Application Server users who *
* have enabled security. *
****************************************************************
* PROBLEM DESCRIPTION: The server may fail to initialize. *
****************************************************************
* RECOMMENDATION: *
****************************************************************
The server may fail to initialize. This is due to remote calls
being made of the server before the server is ready to receive
them. This causes improper initialization of a user registry
reference in the security component which prevents any user
from authenticating. This prevents any protected call from
succeeding.
Problem conclusion
A lazy initialization of the user registry reference was
introduced.
Temporary fix
Test fix provided. This fix is not update installer enabled
so it is not for public consumption.
Comments
APAR information |
APAR number |
PQ90850 |
Reported component name |
WAS NETWRK DEPL |
Reported component ID |
5630A3601 |
Reported release |
00S |
Status |
CLOSED PER |
PE |
NoPE |
HIPER |
NoHIPER |
Special Attention |
NoSpecatt |
Submitted date |
2004-06-30 |
Closed date |
2004-07-22 |
Last modified date |
2004-07-22 |
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Modules/Macros
Publications Referenced
Applicable component levels |
R00A PSY |
UP |
R00H PSY |
UP |
R00I PSY |
UP |
R00S PSY |
UP |
R00W PSY |
UP |
R10A PSY |
UP |
R10H PSY |
UP |
R10I PSY |
UP |
R10S PSY |
UP |
R10W PSY |
UP |
|