PQ93394: The mustUnderstand tag in wsse:Security should not always be true

 Fixes are available

5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for AIX
5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for Windows
5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for HP-UX
5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for Solaris
5.1.1.6: WebSphere Application Server Version 5.1.1 Cumulative Fix 6
5.1.1.7: WebSphere Application Server Version 5.1.1 Cumulative Fix 7
5.1.1.4: WebSphere Application Server Version 5.1.1 Cumulative Fix 4
5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for Linux



APAR status
Closed as program error.

Error description
The latest specification does not require that the
mustUnderstand tag in wsse:Security must be true.

This apar was opened to follow the new spec, and allow this tag
to be true or false.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server users who are   *
*                 utilizing Web Services Security and using    *
*                 the 'mustUnderstand'.                        *
****************************************************************
* PROBLEM DESCRIPTION: When users use 'mustUnderstand' tag in  *
*                      wsse:Security they get an exception as  *
*                      the tag is not undetstood.              *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
Users using 'mustUnderstand' tag in wsse:Security
header will get exception
WSWS3173E: Error: Did not understand "MustUnderstand"
Problem conclusion
Code was added to properly recognize the 'mustUnderstand' tag.
Temporary fix Comments
APAR information
APAR number PQ93394
Reported component name WAS BASE 5.0
Reported component ID 5630A3600
Reported release 00W
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Special Attention NoSpecatt
Submitted date 2004-08-26
Closed date 2004-10-18
Last modified date 2004-10-18

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros

Publications Referenced

Fix information

Applicable component levels
R003 PSY    UP
R00A PSY    UP
R00H PSY    UP
R00I PSY    UP
R00P PSY    UP
R00S PSY    UP
R00W PSY    UP
R103 PSY    UP
R10A PSY    UP
R10H PSY    UP
R10I PSY    UP
R10P PSY    UP
R10S PSY    UP
R10W PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 00W
Software edition:
Reference #: PQ93394
IBM Group: Software Group
Modified date: Oct 18, 2004