PK45192: WEB SERVICE REQUESTS MIGHT BE SENT OVER HTTPS INSTEAD OF HTTP WHEN WS-ATOMIC TRANSACTION IS USED WITH GLOBAL SECURITY ENABLED

 A specific fix for this item is not yet available electronically

This record will be updated with a link to the fix if the APAR is new.
For APARs older than 365 days, contact your support center.



APAR status
Closed as program error.

Error description
In WebSphere Application Server V6, a web service client may
sent a request message over HTTPS rather than HTTP when global
security is enabled and WS-Atomic Transaction is used.  The
WebSphere WS-Atomic Transaction implementation needs to be fixed
so that request messages can be sent over HTTP when global
security is enabled.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: All IBM WebSphere Application Server users   *
*                 of Web Services - Atomic Transactions        *
*                 (WS-AT) on z/OS Platform in a secure         *
*                 environment                                  *
****************************************************************
* PROBLEM DESCRIPTION: Enabling WebSphere Application Server   *
*                      global security settings caused  WS-AT  *
*                      messages to be transmitted over HTTPS.  *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
The decision regarding whether to send WS-AT request messages
over HTTPS rather than HTTP was based on the global security
setting applied on the application server, and not related to
whether or not SSL was enabled on the chosen transport chain.

If WebSphere Application Server global security was enabled,
the assumption was being made that the WS-AT protocol messages
should also be sent secure - by default, the transaction
service will use the default secure Web container transport
chain: WCInboundDefaultSecure.  To use an alternate transport
chain in a secure environment, the WSTX_SECURE_TRANSPORT_CHAIN
custom property details which transport chain should be used.
While WS-AT would use the defined chain in the secure
environment, it ignored the security settings in force on the
specified transport chain, causing the messages to be always
sent over HTTPS.
Problem conclusion
Changes were made to ensure that HTTP or HTTPS is
selected based on the security settings in force on that
transport chain defined by the custom property.

As described in the Information Centre, for WS-AT to operate
in a secure environment the following custom property must be
enabled :

WSTX_SECURE_TRANSPORT_CHAIN=WCInboundDefault

Also, the 'Enable protocol security' checkbox in the
Administrative Console must be unchecked.  The checkbox is
located on the following Administrative Console panel :

Servers > Application Servers > 'server name' >
          Container Services > Transaction Service

APAR PK45192 is currently targeted for inclusion in Service
Level (Fix Pack) 6.1.0.10 of WebSphere Application Server V6.1
for z/OS.
Temporary fix Comments
APAR information
APAR number PK45192
Reported component name WEBSPHERE FOR Z
Reported component ID 5655I3500
Reported release 610
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Special Attention NoSpecatt
Submitted date 2007-05-14
Closed date 2007-07-20
Last modified date 2007-07-20

APAR is sysrouted FROM one or more of the following:
PK44945

APAR is sysrouted TO one or more of the following:

Modules/Macros

Publications Referenced

Fix information
Fixed component name WEBSPHERE FOR Z
Fixed component ID 5655I3500

Applicable component levels
R500 PSN    UP
R601 PSN    UP
R610 PSY    UP


Document Information


Current web document: swg1PK45192.html
Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server for z/OS
Operating system(s):
Software version: 610
Software edition:
Reference #: PK45192
IBM Group: Software Group
Modified date: Jul 20, 2007