PQ68078: WEBSPHERE SECURITY SAS THROWS NULLPOINTEREXCEPTION WHEN CREDENTIALS EXPIRE

 Fixes are available

4.0.6: WebSphere Application Server Version 4.0 Fix Pack 6
Security; V4.0.2-V4.0.7: Cumulative fix for security component



APAR status
Closed as program error.

Error description
Customer sees NullPointerException thrown when the credential
expires in the sas.server.log file.  Error in log shows:
 2> [2002-10-08 20:27:25.491], [ServerID: 657623458],
[SecureAssociationInterceptorImpl.server_system_exception],
Severity code = 0, Error code = 0, Log Exception:
java.lang.NullPointerException
 at
com.ibm.ISecurityLocalObjectBaseL13Impl.SecureAssociationInterce
ptorImpl.server_system_exception(SecureAssociationInterceptorImp
l.java:1824)
 at com.ibm.CORBA.iiop.RIs.iterateServerException(RIs.java:739)
 at
com.ibm.CORBA.iiop.RIs.iterateServerExceptionYesYesNoNo(RIs.java
:758)
 at
com.ibm.CORBA.iiop.ServerResponseImpl.interceptAndWriteHeaderFir
st(ServerResponseImpl.java:405)
 at
com.ibm.CORBA.iiop.ServerResponseImpl.write_string(ServerRespons
eImpl.java:643)
 at
com.ibm.rmi.util.Utility.writeSystemException(Utility.java:1168)
 at
com.ibm.CORBA.iiop.ServerRequestImpl.createSystemExceptionRespon
se(ServerRequestImpl.java:316)
 at
com.ibm.CORBA.iiop.ServerRequestImpl.createUnknownExceptionRespo
nse(ServerRequestImpl.java:238)
 at
com.ibm.CORBA.iiop.ExtendedServerDelegate.dispatch(ExtendedServe
rDelegate.java:585)
 at com.ibm.CORBA.iiop.ORB.process(ORB.java:2377)
 at com.ibm.CORBA.iiop.OrbWorker.run(OrbWorker.java:186)
 at
com.ibm.ejs.oa.pool.ThreadPool$PooledWorker.run(ThreadPool.java:
104)
 at com.ibm.ws.util.CachedThread.run(ThreadPool.java:137)
Local fix Problem summary
****************************************************************
* USERS AFFECTED: All WebSphere Application Server users who   *
*                 have enabled security and use LTPA as the    *
*                 authentication mechanism.                    *
****************************************************************
* PROBLEM DESCRIPTION: NullPointerException thrown when on     *
*                      credential expiration.                  *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
NullPointerException thrown when the credential expires.
Error in log shows:
2>  2002-10-08 20:27:25.491 ,  ServerID: 657623458 ,
SecureAssociationInterceptorImpl.server_system_exception ,
Severity code = 0, Error code = 0, Log Exception:
java.lang.NullPointerException
at
com.ibm.ISecurityLocalObjectBaseL13Impl.SecureAssociationInterce
ptorImpl.server_system_exception(SecureAssociationInterceptorImp
l.java:1824)
at com.ibm.CORBA.iiop.RIs.iterateServerException(RIs.java:739)
at
com.ibm.CORBA.iiop.RIs.iterateServerExceptionYesYesNoNo(RIs.java
:758)
at
com.ibm.CORBA.iiop.ServerResponseImpl.interceptAndWriteHeaderFir
st(ServerResponseImpl.java:405)
at
com.ibm.CORBA.iiop.ServerResponseImpl.write_string(ServerRespons
eImpl.java:643)
at
com.ibm.rmi.util.Utility.writeSystemException(Utility.java:1168)
at
com.ibm.CORBA.iiop.ServerRequestImpl.createSystemExceptionRespon
se(ServerRequestImpl.java:316)
at
com.ibm.CORBA.iiop.ServerRequestImpl.createUnknownExceptionRespo
nse(ServerRequestImpl.java:238)
at
com.ibm.CORBA.iiop.ExtendedServerDelegate.dispatch(ExtendedServe
rDelegate.java:585)
at com.ibm.CORBA.iiop.ORB.process(ORB.java:2377)
at com.ibm.CORBA.iiop.OrbWorker.run(OrbWorker.java:186)
at
com.ibm.ejs.oa.pool.ThreadPool$PooledWorker.run(ThreadPool.java:
104)
at com.ibm.ws.util.CachedThread.run(ThreadPool.java:137)
Problem conclusion
Null condition is now checked when processing system_exceptions.

A fix for this APAR will be contained in any security cumulative
eFix dated after the closure date of this APAR.
Temporary fix
Available
Comments
APAR information
APAR number PQ68078
Reported component name WEBSPHERE AE AI
Reported component ID 5630A2200
Reported release 400
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Submitted date 2002-11-08
Closed date 2003-01-08
Last modified date 2003-01-08

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros
SECURITY          

SRLS

Fix information
Fixed component name WEBSPHERE AE AI
Fixed component ID 5630A2200

Applicable component levels
R400 PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ68078
IBM Group: Software Group
Modified date: Jan 8, 2003