PQ94304: WSSUBJECT.DOAS() OR WSSUBJECT.SETRUNASSUBJECT() DO NOT ALLOW ACCESS TO ADMINISTRATION OF NAMING RESOURCES. | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description The authorization to an administration or naming resource fails even though a user with proper access has been set on the thread of execution via WSSubject.doAs() or even WSSubject.setRunAsSubject(). The following error may be received. SECJ0305I: Role based authorization check failed for security name <some_name>, accessId <some_access_ID> while invoking method <some_method_name> on resource <some_resource> and module <some_module>. Internal defect 225243.Local fix Make sure the caller has the proper permissions for invoking the resource.Problem summary **************************************************************** * USERS AFFECTED: All WebSphere Application Server users * * using WSSubject.doAs() function to set a * * Subject with more privilege than that of * * the caller to access an Administration * * or Naming resource. * **************************************************************** * PROBLEM DESCRIPTION: The caller Subject is used for * * authorization purposes before the * * one set with WSSubject.doAs(). * **************************************************************** * RECOMMENDATION: * **************************************************************** The caller Subject is used for authorization purposes before one set with WSSubject.doAs() or WSSubject.setRunAsSubject(). This may cause authorization to incorrectly fail.Problem conclusion The invocation Subject (the one set with doAs() and setRunAsSubject()) is now used instead of the caller subject if it is set.Temporary fix Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros
Publications Referenced
|
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server > General
Operating system(s):
Software version: 00A
Software edition:
Reference #: PQ94304
IBM Group: Software Group
Modified date: Oct 11, 2004
(C) Copyright IBM Corporation 2000, 2008. All Rights Reserved.