APAR status
Closed as program error.
Error description
Web module security constraints not always correctly updated
when security role names changed at EAR level.
PQ83016 did not completely correct this problem.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server developers *
* using AAT to change security role *
* names at the application level and *
* expecting these changes to roll down *
* to ejb and web levels. All platforms *
* are affected. *
****************************************************************
* PROBLEM DESCRIPTION: A null pointer exception is thrown *
* and all security constraint values are *
* not updated properly. Also, change *
* to security role names at the ear *
* level see the description value *
* appearing as the new role name *
* after the change. This is a *
* display failure only. *
****************************************************************
* RECOMMENDATION: *
****************************************************************
If you change the security role name at the application
level, the displayed value of this new role name will
be the same as the description field. Also, if the
application has several security constraint values in
one or more web modules, and one of these security
constraints does not have an associated role names,
a null pointer exception gets thrown and processing
of the security constraints terminates. So you may
see some values changed properly and some are not
changed.
Problem conclusion
To prevent the name change, a line resetting a result value
was commented out in BaseObjectDescriptor.java. This line
was resetting a result value when it should not have done so.
To fix the security constraint problem, it sufficed to
add a check in the SecurityRoleObject.java code to test
whether a security constraint had any role names before
attempting to do any further processing. This avoided
the exception problem.
Temporary fix Comments
APAR information |
APAR number |
PQ90170 |
Reported component name |
WAS BASE 5.0 |
Reported component ID |
5630A3600 |
Reported release |
00A |
Status |
CLOSED PER |
PE |
NoPE |
HIPER |
NoHIPER |
Special Attention |
NoSpecatt |
Submitted date |
2004-06-15 |
Closed date |
2004-07-15 |
Last modified date |
2004-07-15 |
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Modules/Macros
Publications Referenced
Applicable component levels |
R003 PSY |
UP |
R00A PSY |
UP |
R00H PSY |
UP |
R00I PSY |
UP |
R00P PSY |
UP |
R00S PSY |
UP |
R00W PSY |
UP |
|