PQ59447: USERS & GROUPS WHOSE NAME/STRING IS MORE THAN 127 BYTES LONG WILL GET "JAVA.LANG.NEGATIVEARRAYSIZEEXCEPTION" EXCEPTIONS

APAR status
Closed as program error.

Error description
Users who belong to more than 127 groups or belong to a group
whose name is greater then 127 bytes long will fail
authorization.  A "NegativeArraySizeException" message will be
evident in traces and possibly be visable on a web client.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: All WebSphere Application Server users       *
*                 using security and adding users to groups    *
*                 with names greater than 127 bytes long or    *
*                 adding users to more than 127 groups.        *
*                 All WebSphere Application Server users       *
*                 using security and adding users to groups    *
*                 with names greater than 127 bytes long or    *
*                 adding users to more than 127 groups.        *
****************************************************************
* PROBLEM DESCRIPTION: Users encounter an authentication       *
*                      failure for Java clients or an Error    *
*                      500 for web clients.                    *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
Users encounter an authentication failure for Java clients or
an Error 500 for web clients.  The problem is a
NegativeArraySizeException occurs in SecurityAttributeList
due to the conversion of byte values into integers before
bitwsie operations were performed.  Negative byte values
were sign extended yeilding a negative value for the final
integer after bitwise operations completed.
Problem conclusion
Sign extended bits were masked off before the bitwise operation
was performed.
Temporary fix
PQ59150-3.5.5-3.5.6.jar
Comments
APAR information
APAR number PQ59447
Reported component name WEBSPHERE AE NT
Reported component ID 5630A2201
Reported release 400
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Submitted date 2002-03-26
Closed date 2002-03-26
Last modified date 2002-04-03

APAR is sysrouted FROM one or more of the following:
PQ59150

APAR is sysrouted TO one or more of the following:

Modules/Macros

Fix information
Fixed component name WEBSPHERE AE NT
Fixed component ID 5630A2201

Applicable component levels
R400 PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ59447
IBM Group: Software Group
Modified date: Apr 3, 2002