PQ94382: ROLEBASEAUTHENTICATION IS LOOKING FOR THE CALLER SUBJECT FIRST | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description We do a WSSubject.doAs to change the Subject to one that has permissions. After that we create an AdminClient that uses SOAP. In the SOAP properties we specified "isInternal" "true" so that the credentials will be used from the thread. On the Application Server side of the SOAP call the caller subject is checked first though and the call fails.Local fix Problem summary **************************************************************** * USERS AFFECTED: Users of the WebSphere Application Server * * 5.1.1 servicepack release * **************************************************************** * PROBLEM DESCRIPTION: ROLEBASEAUTHENTICATION is looking for * * the caller subject * **************************************************************** * RECOMMENDATION: * **************************************************************** We do a WSSubject.doAs to change the Subject to one that has permissions. After that we create an AdminClient that uses SOAP. In the SOAP properties we specified "isInternal" "true" so that the credentials will be used from the thread. On the Application Server side of the SOAP call the caller subject is checked first though and the call fails.Problem conclusion AdminClient thread credentials are checked before the caller subjectTemporary fix Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros
Publications Referenced
|
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server > General
Operating system(s):
Software version: 10A
Software edition:
Reference #: PQ94382
IBM Group: Software Group
Modified date: Oct 20, 2004
(C) Copyright IBM Corporation 2000, 2008. All Rights Reserved.