PK10132: ACCESSCONTROLEXCEPTION THROWN WHEN RUNNING A SERVLET UNDER AN EXTERNAL SECURITY MANAGER

 Fixes are available

5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for AIX
5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for Windows
5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for HP-UX
5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for Solaris
5.1.1.7: WebSphere Application Server Version 5.1.1 Cumulative Fix 7
5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for Linux



APAR status
Closed as program error.

Error description
Customers Security manager has a stricter policy and because
WebSphere tries to add a thread as part of a request process
(rather than a system process) -- their Security manager does
not allow it.
Local fix
test fix given to client and positive feedback
Problem summary
****************************************************************
* USERS AFFECTED: All WebSphere Application Server users who   *
*                 employ an external security manager          *
****************************************************************
* PROBLEM DESCRIPTION: AccessControlException thrown when      *
*                      running a servlet under external        *
*                      security manager                        *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
java.security.AccessControlException raised when running a
servlet under an external security manager.
The customers Security manager has a strict policy and because
Application Server tries to add a thread as part of a request
process (rather than a system process) -- their Security
manager does not allow it.
Problem conclusion
Class ThreadPool will be changed to ensure that the call to
add a thread is done under a doPriveleged method, so that the
security managaer can authenticate the server issuing the call.
The fix for this APAR is currently targeted for inclusion in
fixpack 5.1.1.7.
Please refer to the recommended updates page for delivery
information:

http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
Temporary fix Comments
APAR information
APAR number PK10132
Reported component name WAS BASE 5.0
Reported component ID 5630A3600
Reported release 10I
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Special Attention NoSpecatt
Submitted date 2005-08-09
Closed date 2005-09-02
Last modified date 2005-09-02

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros
THRDPOOL          

Publications Referenced

Fix information
Fixed component name WAS BASE 5.0
Fixed component ID 5630A3600

Applicable component levels
R003 PSN    UP
R00A PSN    UP
R00H PSN    UP
R00I PSN    UP
R00P PSN    UP
R00S PSN    UP
R00W PSN    UP
R103 PSY    UP
R10A PSY    UP
R10H PSY    UP
R10I PSY    UP
R10P PSY    UP
R10S PSY    UP
R10W PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 10I
Software edition:
Reference #: PK10132
IBM Group: Software Group
Modified date: Sep 2, 2005