PQ90170; 5.0.2: Web modules security constraints not correctly updated
 Downloadable files
 
Abstract
Web modules security constraints are not updated correctly when security role names are changed at the enterprise application level.
 
Download Description
PQ90170 resolves the following problem:

ERROR DESCRIPTION:
Web module security constraints are not always updated correctly when security role names are changed at the enterprise application level. PQ83016 did not completely correct this problem.

USERS AFFECTED:
WebSphere® Application Server developers using the Application Assembly Tool (AAT) to change security role names at the enterprise application level and expecting these changes to roll down to EJB™ and Web levels. All platforms are affected.

PROBLEM DESCRIPTION:
A null pointer exception is thrown and not all security constraint values are updated properly. Changes to security role names at the application level see the description value appearing as the new role name after the change. This is a display failure only.

RECOMMENDATION:
If you change the security role name at the application level, the displayed value of this new role name will
be the same as the description field. If the application has several security constraint values in one or more Web modules, and one of these security constraints does not have an associated role names, a null pointer exception is thrown and processing of the security constraints terminates. Consequently, you may see some values changed properly, while others are not.

PROBLEM CONCLUSION:
To prevent the name change, a line resetting a result value was commented out in BaseObjectDescriptor.java. This line was resetting a result value when it should not have done so. To fix the security constraint problem, it sufficed to add a check in the SecurityRoleObject.java code to test whether a security constraint had any role names before attempting to do any further processing. This prevents the exception problem.
 
Prerequisites
Please download the UpdateInstaller below to install this fix.
 
URL LANGUAGE SIZE(Bytes)
UpdateInstaller US English 7250000
 
 
Installation instructions
Please review the readme.txt for detailed installation instructions.
 
URL LANGUAGE SIZE(Bytes)
Readme US English 2220
 
Download package
What is DD?
DOWNLOAD RELEASE DATE LANGUAGE SIZE(Bytes) Download Options
PQ90170 7/15/2004 US English 10912 FTP DD
 
Technical support
1-800-IBM-SERV (U.S. Only)
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
Problems (APARs) fixed
PQ90170
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Deploy (for example: AAT or ANT or EAR/WAR/JAR)
Operating system(s): Windows
Software version: 5.0.2
Software edition:
Reference #: 4007488
IBM Group: Software Group
Modified date: Jul 19, 2004