APAR status
Closed as program error.
Error description
A remote Java client attempting to connect to a
WAS 5.1.1 server running on a different machine. Security
is enabled. (WAS_INSTALL_ROOT)/properties/sas.client.props
file has the com.ibm.CORBA.loginSource set to none (so the
authentication is done programmatically not through the
popup dialog, as the default setting does).
The login failed with "SECJ0395E: Could not locate the
SecurityServer at host/port:/ to validate the userid and
password entered.". The same code, running against an
identically-configured WAS server running on the same
machine as the client worked fine.
A few experimentations showed that the login against the
remote server worked if the following properties in the
sas.client.props were set to the hostname/boostrap port
of the remote server:
com.ibm.CORBA.securityServerHost=
com.ibm.CORBA.securityServerPort=
The issues seems to be that the customer should be able
to override these two properties in the same way as others
(see an example code below). However, tests showed that
only hardcoded values in the sas.client.props file
are used.
Properties props = new Properties();
props.put("org.omg.CORBA.ORBClass",
"com.ibm.CORBA.iiop.ORB");
props.put
("com.ibm.CORBA.ORBInitRef.NameService",
"corbaloc:iiop:" + serverName
+ ":" + serverPort + "/NameService");
props.put
("com.ibm.CORBA.ORBInitRef.NameServiceServerRoot",
"corbaloc:iiop:" + serverName + ":" + serverPort
+ "/NameServiceServerRoot");
props.put("com.ibm.CORBA.loginUserid", username);
props.put("com.ibm.CORBA.loginPassword", password);
props.put("com.ibm.CORBA.securityServerHost",
serverName); //this line is ignored !
props.put("com.ibm.CORBA.securityServerPort",
serverPort); //this line is ignored !
orb = ORB.init((String[]) null, props);
Can we get a clarification from the WAS team if only the file
is
considered for those 2 parameters?
Development indicated that it appears that these properties
do not appear in the SecurityPropertyManager so they are
ignored by the ORB property manager plugin.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server users who *
* override the following properties *
* com.ibm.CORBA.securityServerHost= *
* com.ibm.CORBA.securityServerPort= *
****************************************************************
* PROBLEM DESCRIPTION: The following properties are not *
* honored: *
* com.ibm.CORBA.securityServerHost= *
* com.ibm.CORBA.securityServerPort= *
****************************************************************
* RECOMMENDATION: *
****************************************************************
The properties com.ibm.CORBA.securityServerHost and
com.ibm.CORBA.securityServerPort is not read in
when a user tries to override it.
Problem conclusion
Logic was corrected to use the properties when set.
Temporary fix Comments
APAR information |
APAR number |
PQ93263 |
Reported component name |
WAS NETWRK DEPL |
Reported component ID |
5630A3601 |
Reported release |
10W |
Status |
CLOSED PER |
PE |
NoPE |
HIPER |
NoHIPER |
Special Attention |
NoSpecatt |
Submitted date |
2004-08-24 |
Closed date |
2004-08-27 |
Last modified date |
2004-08-27 |
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Modules/Macros
Publications Referenced
Applicable component levels |
R00A PSY |
UP |
R00H PSY |
UP |
R00I PSY |
UP |
R00S PSY |
UP |
R00W PSY |
UP |
|