PQ83598: IN CERTAIN CASES, WEBSPHERE CREATES NEW CONNECTIONS WHEN THERE ARE AVAILABLE POOLED CONNECTIONS (DB2, MQ, IMS, CICS, ETC) | |||||||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description Customer was monitoring Websphere's connection pooling by displaying the number of physical DB2 threads that are created. At times when all the pooled connections to DB2 are essentially available, an application attempts to get a new connection with with the same authentication information (ie: userid) as the authentication information used to get connections currently in the free pool. A new connection was created to DB2 instead of getting a connection from the free pool. . Additional Symptoms: -------------------- WebSphere using MQ Connections. JAVA OutOfMemory reported in the WebSphere Servant region address space. Review of the address space shows that there are MANY, (in one case more than 900 TCB;s that have the following Stack Trace: . Function -------- CEEOPCT (pthread_cond_timedwait) pthread_cond_timedwait condTimedWait sysMonitorWait xmThreadSleep JVM_Sleep java/lang/Thread.sleep(J)V com/ibm/ejs/j2c/poolmanager/TaskTimer.run INVOKDMY com/ibm/ejs/j2c/poolmanager/TaskTimer.run mmipExecuteJava xeRunDynamicMethod threadRT0 xmExecuteThread threadStart ThreadUtils_Shell @@GETFN CEEOPCMM (unknown) CEEOPCMM (unknown) . Note that these are NOT WebSphere worker threads, but they are WebSphere started threads. . Additional search words: poolscavenger . . LOCAL FIX for the Java OutOfMemoryError reported when using MQ Connections within a server region: 1) For MQ connections: There is a 'ReapTime' value associated with the 'Connection Pool' and the 'Session Pool' settings of the 'Queue Connection Factory' that is defined in the Admin Console. . The 'ReapTime' can be set to '0' (zero) as a workaround. . To set the ReapTime value, . The 'path' in in the Admin Console would be: a) Go to the server b) set the 'scope' to be where the resource was defined under . If using Full MQ provider, the path is: -> WebSphere MQ JMS Provider -> WebSphere MQ Queue Connection Factories -> <my QCF> -> Connection Pool . -> WebSphere MQ JMS Provider -> WebSphere MQ Queue Connection Factories -> <my QCF> -> Session Pool . If using the IJP (the MQ-Lite that ships with WebSphere) the path is: . -> WebSphere JMS Provider -> WebSphere Queue Connection Factories -> <my QCF> -> Connection Pool . -> WebSphere JMS Provider -> WebSphere Queue Connection Factories -> <my QCF> -> Connection Pool . In all of the above <my QCF> is the 'connection factory' that is defined. . In this panel, you can set the 'ReapTime' value to '0' to circumvent the problem. . ------------------------------------------- Another separate symptom fixed by this apar ------------------------------------------- BBOO0223I security.auth.j2c.invalidSubject message from function com.ibm.ws.security.auth.j2c.WSLocalzOSExtensionImpl and from function com.ibm.ejs.j2c.ThreadIdentitySecurityHelper the following at the top of the callback stack: J2CA0079E: Method ThreadIdentitySecurityHelper.finalizeSubject() has detected an internal illegal state and is throwing an IllegalStateException. The exception is: java.lang.IllegalStateException: Unable to build valid j2c Subject com.ibm.ws.security.auth.j2c.WSLocalzOSExtensionImpl. getLocalOSInvocationSubject(WSLocalzOSExtensionImpl.java:138) com.ibm.ejs.j2c.ThreadIdentitySecurityHelper.finalizeSubject (ThreadIdentitySecurityHelper.java:370) com.ibm.ejs.j2c.ConnectionManager.allocateConnection (ConnectionManager.java:494) com.ibm.ejs.jms.JMSQueueConnectionFactoryHandle. createQueueConnection(JMSQueueConnectionFactoryHandle.java:80)Local fix Problem summary **************************************************************** * USERS AFFECTED: All users of WebSphere Application Server * * V5.0 for z/OS * **************************************************************** * PROBLEM DESCRIPTION: WebSphere creates new DB2 Connections * * there are already pooled connections * * for the same MVS identity. * **************************************************************** * RECOMMENDATION: * **************************************************************** The WebSphere security runtime created new J2c Subjects each time a DB2 connection was attempted for a given user. This caused a new Subject, with a new Principal object and and usually a new WSCredential Object to be returned to the connection management layer. Ultimately, the connection manager layer did not find a match between this new subject and the one it had cached to represent it pooled connection, and would then create a new pooled onnection.Problem conclusion The WebSphere security runtime was modified to return the identical Subject to the connection management subsystem on requests by the same authenticated user, until the authentication cache timeout value has been reached. At this point a new Subject will be created for use by connection management. APAR PQ83598 is associated with SERVICE LEVEL W502005 of WebSphere Application Server V5.0 for z/OS.Temporary fix Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros
Publications Referenced
|
Document Information |
Current web document: swg1PQ83598.html
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server for z/OS
Operating system(s):
Software version: 500
Software edition:
Reference #: PQ83598
IBM Group: Software Group
Modified date: Apr 28, 2004
(C) Copyright IBM Corporation 2000, 2009. All Rights Reserved.