APAR status
Closed as program error.
Error description
If one has a java client running on a windows machine with the
WAS 5.0.2 Pluggable
Client for 141, and one tries to make a connection to a WAS
5.0.2.4 Server app with security
enabled, and try to make that connection WITHOUT SSL - the
attempt fails, throwing an exception.
It appears to be trying to get an SSL connection - regardless of
settings in sas.client.props file.
In the client-side sas.client.props has following properties
com.ibm.CSI.performClientAuthenticationRequired=true
com.ibm.CSI.performClientAuthenticationSupported=true
com.ibm.CSI.performTLClientAuthenticationRequired=false
com.ibm.CSI.performTLClientAuthenticationSupported=false
com.ibm.CSI.performTransportAssocSSLTLSRequired=false
com.ibm.CSI.performTransportAssocSSLTLSSupported=false
com.ibm.CSI.performMessageIntegrityRequired=false
com.ibm.CSI.performMessageIntegritySupported=false
com.ibm.CSI.performMessageConfidentialityRequired=false
com.ibm.CSI.performMessageConfidentialitySupported=false
On the server we choose the following settings
Global Security=Enabled
Active Protocol=CSI
Active Authentication Mechanism=SWAM
CSIv2 Inbound Transport=SSL Supported
CSIv2 Outbound Transport=SSL Supported
Local fix
N/A
Problem summary
****************************************************************
* USERS AFFECTED: Websphere Application Server users who *
* have enabled security and have implemented *
* an RMI client which does not utilize SSL. *
****************************************************************
* PROBLEM DESCRIPTION: RMI clients cannot initiate TCP *
* connections and are forced to use SSL *
* if security is enabled on the target *
* server. *
****************************************************************
* RECOMMENDATION: *
****************************************************************
RMI clients cannot initiate TCP connections and are forced to
use SSL if security is enabled on the target server.
Problem conclusion
Code was corrected to allow RMI clients to make TCP connections
when security is enabled.
Temporary fix
Provide test fix
Comments
APAR information |
APAR number |
PQ90666 |
Reported component name |
WAS BASE 5.0 |
Reported component ID |
5630A3600 |
Reported release |
00W |
Status |
CLOSED PER |
PE |
NoPE |
HIPER |
NoHIPER |
Special Attention |
NoSpecatt |
Submitted date |
2004-06-25 |
Closed date |
2004-08-10 |
Last modified date |
2004-08-10 |
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Modules/Macros
Publications Referenced
Applicable component levels |
R00A PSY |
UP |
R00H PSY |
UP |
R00I PSY |
UP |
R00P PSY |
UP |
R00S PSY |
UP |
R00W PSY |
UP |
R10A PSY |
UP |
R10H PSY |
UP |
R10I PSY |
UP |
R10P PSY |
UP |
R10S PSY |
UP |
R10W PSY |
UP |
|