PK08366: WEBSERVICE STUBS' SESSION HANDLING NOT THREADSAFE

 A fix is available

Obtain the fix for this APAR



APAR status
Closed as program error.

Error description
The SessionContext set via the corresponding property gets
mixed up between the users' threads - so user A sends out
session cookie B while user B sends out cookie A.
The 'ideal' MessageContext for each operation is cloned on
every invocation, but this code conflicts with the ThreadLocal
session code.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: All users of WebSphere Application Server    *
*                 V5.0 for z/OS                                *
****************************************************************
* PROBLEM DESCRIPTION: Incorrect session cookies can be sent   *
*                      out due to incorrect cloning of         *
*                      MessageContexts.                        *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
The SessionContext set via the corresponding property gets
mixed up between the users' threads. So user A sends out
session cookie B while user B sends out cookie A. The 'ideal'
MessageContext for each operation is cloned on every
invocation, but this code conflicts with the ThreadLocal
session code.
Problem conclusion
Code was modified so the SessionContext properties
do not get mixed up between the user's threads.

APAR PK08366 is associated with SERVICE LEVEL W502033 of
WebSphere Application Server V5.0 for z/OS.
Temporary fix Comments
APAR information
APAR number PK08366
Reported component name WEBSPHERE FOR Z
Reported component ID 5655I3500
Reported release 500
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Special Attention NoSpecatt
Submitted date 2005-07-13
Closed date 2005-08-24
Last modified date 2005-09-02

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:
PK10169

Modules/Macros
BBOUBINF          

Publications Referenced

Fix information
Fixed component name WEBSPHERE FOR Z
Fixed component ID 5655I3500

Applicable component levels
R500 PSY UK06587    UP05/08/27 P F508

  Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.


Document Information


Current web document: swg1PK08366.html
Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server for z/OS
Operating system(s):
Software version: 500
Software edition:
Reference #: PK08366
IBM Group: Software Group
Modified date: Sep 2, 2005