PK02101: ABENDDC3 RC=02040008 WHEN A NULL OR EMPTY STRING IS PASSED TO HTTPSERVLETREQUEST.ISUSERINROLE METHOD.

 A fix is available

Obtain the fix for this APAR



APAR status
Closed as program error.

Error description
Customer has a web application runnning with security enabled.
When attempting to invoke method
.
HttpServletRequest.isUserInRole()
.
with a null or empty String a DC3 0204008 abend occurs with the
following stacktrace.
.
BBOSSMEP
EJBROLES::checkingRolesPermission
EJBROLES::isClientInRole
Java_com_ibm_ws_security_core_SAFAuthorizationTableImpl_native_1
SAFisCallerInRole
com/ibm/ws/security/core/SAFAuthorizationTableImpl.native_SAFisC
allerInRole
com/ibm/ws/security/core/SAFAuthorizationTableImpl.callerAndUser
InRole
com/ibm/ws/security/core/SAFAuthorizationTableImpl.isGrantedRole
com/ibm/ws/security/core/WSAccessManager.isGrantedRole
com/ibm/ws/security/core/WSAccessManager.isGrantedRole
com/ibm/ws/security/web/WebCollaborator.isUserInRole
com/ibm/ws/webcontainer/webapp/WebAppSecurityCollaborator.isUser
InRole
com/ibm/ws/webcontainer/srt/SRTServletRequestContext.isUserInRol
e
com/ibm/ws/webcontainer/srt/SRTServletRequest.isUserInRole
com/customer/code/CustomerServlet.isUserInRole
Local fix
Do not pass a null String into  HttpServletRequest.isUserInRole
method.
Problem summary
****************************************************************
* USERS AFFECTED: All users of WebSphere Application Server    *
*                 V5.0 for z/OS                                *
****************************************************************
* PROBLEM DESCRIPTION: User ABEND SDC3 with reason code        *
*                      02040008 when calling                   *
*                      HTTPServletRequest.isUserInRole         *
*                      with a role name of length 0.           *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
If a call is made to isUserInRole with a role name of length
zero, the code checks to see if the role name length is less
than or equal to 0.  If true, a SDC3 abend with reason
code 02040008 is issued.
Problem conclusion
Code changed to abend only if the role name length is
less than zero.

APAR PK02101 is associated with SERVICE LEVEL W502026 of
WebSphere Application Server V5.0 for z/OS.
Temporary fix Comments
APAR information
APAR number PK02101
Reported component name WEBSPHERE FOR Z
Reported component ID 5655I3500
Reported release 500
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Special Attention NoSpecatt
Submitted date 2005-03-07
Closed date 2005-03-21
Last modified date 2005-04-28

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:
PK03144 PK04345

Modules/Macros
BBOUBINF          

Publications Referenced

Fix information
Fixed component name WEBSPHERE FOR Z
Fixed component ID 5655I3500

Applicable component levels
R500 PSY UK01700    UP05/03/24 P F503

  Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.


Document Information


Current web document: swg1PK02101.html
Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server for z/OS
Operating system(s):
Software version: 500
Software edition:
Reference #: PK02101
IBM Group: Software Group
Modified date: Apr 28, 2005