PQ72742: AsynchBeans WorkWithExecutionContext data that is serialized is not compatible with future versions.

APAR status
Closed as program error.

Error description
Asynchronous Beans has a java.io.Serializable object
Local fix Problem summary
****************************************************************
* USERS AFFECTED: All WebSphere Application Server 5.0         *
*                 Enterprise Edition Asynchronous Beans        *
*                 customers, Scheduler and                     *
*                 Process Choreographer customers.             *
****************************************************************
* PROBLEM DESCRIPTION: The WebSphere Application Server        *
*                      Enterprise Edition Asynchronous         *
*                      Beans 5.0 service has interoperability  *
*                      problems.                               *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
The WebSphere Application Server Enterprise Edition
Asynchronous Beans 5.0 service has interoperability
problems that affect how the dependent services behave in a
clustered environment with mixed WebSphere product versions
or mixed platforms.

Asynchronous Beans allow taking snapshots of J2EE contextual
information from the current Servlet or EJB method.  This
information can include Security information, and can be
stored using the WorkManager.create(Work r) method to get
a serializable WorkWithExecutionContext object.

If this WorkWithExecutionContext object is serialized and
stored with customer data, the following information must be
reviewed to determine if any steps must be taken
to avoid problems.

Affected Products
-----------------
Both the Scheduler and Process Choreographer services that
are included with WebSphere Application Server Enterprise
Edition 5.0 are affected by the problems described in this
document.  Review each service's respective sections
in the Version 5.0.1 release notes or in the one following
interim fix options for further information:


PQ72885 - Scheduler 5.0 Interoperability Issues

PQ72886 - Process Choreographer 5.0 Interoperability Issues

Problem Description - Security
------------------------------
The Asynchronous Beans WorkWithExecutionContext object
created with the 5.0 version of Asynchronous Beans stores
security information incorrectly, which can cause
deserialization errors and ASYN9999E errors to appear
in the WebSphere Application Server log files.  This
happens if the interoperating versions of WebSphere Application
Server have different implementations of Java Authentication
and Authorization Service (JAAS).  This error
most likely occurs when interoperating between two different
platforms, but may occur on the same platform if the JAAS
implementation is updated on any of the servers.

Security information is stored with the
WorkWithExecutionContext object only when the following
conditions are true:
1)  The WorkManager resource used to create the
    WorkWithExecutionContext object has the "security"
    context policy attribute enabled.
2)  Global Security is enabled on the WebSphere
    Application Server.

If either of the previous conditions are false, then there
should not be an interoperability issue.

If the JAAS implementation JAR files have already been updated
or
changed such that all servers are already experiencing
ASYN9999E errors, then apply the original version
of the JAAS implementation JAR files that were used to
serialize the WorkWithExecutionContext data, or follow
the "General Recovery Procedures" in this document on
each platform that is having the problem to ensure all
data is reserialized to the correct version.

Problem Description - Interoperability
--------------------------------------
To avoid further problems interoperating between releases
or platforms of Asynchronous Beans, the Serialization
mechanisms within Asynchronous Beans have been updated such
so that a 5.0 version of an Asynchronous Beans
WorkWithExecutionContext object is not able to
deserialize a WorkWithExecutionContext object serialized
with a Version 5.0.1 release or later.
Problem conclusion
Recovery and Interoperability Procedures
----------------------------------------
If any of the conditions described in the
"Problem Description - Security" section of this document are
true, then all data with serialized 5.0
WorkWithExecutionContext object must be re-serialized with
the updated format.

Regardless of whether or not any of the conditions described
in the "Problem Description - Security" section of this
document are true, apply interim fix, PQ72742, to all
WebSphere Application Server Enterprise 5.0 servers that
expect to interoperate with Version 5.0.1 and later
servers or expect to interoperate with other Version 5.0
servers that have PQ72742 applied.

Servers with interim fix PQ72742 or Version 5.0.1 applied
are able to read WorkWithExecutionContext data serialized
with the 5.0 version, but servers at the Version 5.0 level
are not able to read data serialized in the PQ72742 or
Version 5.0.1 format.  If this occurs, errors such as the
following appear:
ASYN9999E: Unexpected Exception Occurred:
java.io.OptionalDataException

General Recovery Procedures
---------------------------
1)  Apply interim fix PQ72742 or PTF 1 to bring all
    affected servers up to the Version 5.0.1
    WorkWithExecutionContext level. At this point, all
    servers are functioning normally, assuming
    that the security problems outlined in this document
    are not true.
2)  If any of the conditions described in the
    "Problem Description - Security" section of this
    document are true, re-serialize all data.  For example,
    modify the existing EJB or servlet used to serialize the
    WorkWithExecutionContext, so that it rewrites the
    object using a java.io.ObjectOutputStream:
      ObjectInputStream ois = new ObjectInputStream(...);
      ObjectOutputStream oos = new ObjectOutputStream(...);
      Object in = ois.readObject();
      oos.writeObject(in);
oos.flush();
Temporary fix
WAS_AsynchBeans_04-07-2003_5.0.0_cumulative_Fix
Comments
APAR information
APAR number PQ72742
Reported component name WAS ENTERPRISE
Reported component ID 5630A3700
Reported release 00W
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Special Attention NoSpecatt
Submitted date 2003-04-02
Closed date 2003-04-30
Last modified date 2003-04-30

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros

Publications Referenced

Fix information

Applicable component levels
R003 PSY    UP
R00A PSY    UP
R00H PSY    UP
R00I PSY    UP
R00S PSY    UP
R00W PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Enterprise Edition (EE)
Operating system(s):
Software version: 00W
Software edition:
Reference #: PQ72742
IBM Group: Software Group
Modified date: Apr 30, 2003