PQ71832: NULL SESSION HANDLE ERRORS IN APPLICATION SERVER STDOUT FILE. | |||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description (PQ71832 is included in 5-16-2003 security cumulative fix.) 1.These errors occur repeatedly in the app servers stdout file. . [VaultImpl.get_security_context]: [12/13/02 9:11:12:905 EST] 1214b1 SystemOut U JSAS0170E: Null session handle in session table. Check to see if a server process has terminated just prior to receiving these errors. If a process has terminated, restart the process and retry the operation. Verify that the client userid/password is valid. If the login fails, the session will be deleted on the client side and the credentials will be marked invalid. If a retry occurs, you will likely see this error. Restart the client program after verifying the login info. If the errors persist, contact support for assistance. . 2.The errors happen on different application servers at different times. The customer has 52 application servers running on 2 nodes (36:1 ratio). The error also occurs in his production system which has 8 application servers to 1 node. . 3. When customer enables tracing, the errors do not occur. He is using seclogger40.jar for tracing. He began by filtering for these three classes: . com.ibm.CORBA.securityTraceFilter=SecureAssociationInterceptorI pl,VaultImpl,SecurityConnectionInterceptor . The problem did not occur during tracing. Once tracing was disabled, the problem came back. . He has also tried tracing while filtering for just one class at a time. The problem still does not occur even with tracing only one class. . 4. The customer has increased the value of maxopenconnections to 1000, and the errors still persists. The Sun environment has a limit of 1024 threads per process, so the most this value can be set to is 1024. . 5. The customer has tuned their system according to suggestions from the ORB team as follows. While this has improved other problems, it has not changed this problem. . 6. Two previous suggestions have NOT been tried: John suggested setting in sas.server.props file, the following property: com.ibm.CORBA.NotifyBrokenConnectionEnabled=false. This has not been tried due to concern over side effects (memory leaks). . The other suggestion was to just enable ORB tracing. The customer has concerns about the performance impact of doing this, and he is concerned that the ORB tracing will also mask the problem. . If level 3 thinks that it is essential to attempt these last two items, the customer is willing to attempt them - if their concerns are addressed. . This APAR is being created at the request of L3 security team: Because the null session handle error is a fully recoverable condition, the WebSphere administrator should not be informed of this condition. This APAR will address removing the message and making it a debug only message.Local fix Enabling security tracing on just one class causes the errors to disappear.Problem summary **************************************************************** * USERS AFFECTED: All WebSphere Application Server users who * * have enabled security. * **************************************************************** * PROBLEM DESCRIPTION: JSAS0170E: Null session handle in * * session table reported in the * * tracefile and Administration console. * **************************************************************** * RECOMMENDATION: * **************************************************************** These errors occur repeatedly in the application servers stdout file. [VaultImpl.get_security_context]: [12/13/02 9:11:12:905 EST] 1214b1 SystemOut U JSAS0170E: Null session handle in session table. Check to see if a server process has terminated just prior to receiving these errors. If a process has terminated, restart the process and retry the operation. Verify that the client userid/password is valid. If the login fails, the session will be deleted on the client side and the credentials will be marked invalid. If a retry occurs, you will likely see this error. Restart the client program after verifying the login info. If the errors persist, contact support for assistance.Problem conclusion The message currently represents a fully recoverable condition from respect of the code reporting it. The message has been converted into a message for debug tracing only.Temporary fix Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros
SRLS
|
Document Information |
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ71832
IBM Group: Software Group
Modified date: May 29, 2003
(C) Copyright IBM Corporation 2000, 2006. All Rights Reserved.