PQ72630: JSP 'S USING ISUSERINROLE("XXX") METHOD WILL RECEIVE FALSE IF THE JSP IS NOT MAPPED IN WEB.XML FILE | |||||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description If a JSP uses programmatic security methods like isUserInRole it will always receive FALSE or NULL if the JSP is not mapped in the web.xml file. This means that all JSP 's must be defined in the web.xml to guarentee they function correctly. This behavior is inconsistent with how WebSphere distributed functions with the same application ear ---------------------------------------------------------------- WORKAROUND: The work around for this error is to map the JSPLocal fix HBCProblem summary **************************************************************** * USERS AFFECTED: All users of WebSphere Application Server * * version 4.0.1 for z/OS and OS/390. * **************************************************************** * PROBLEM DESCRIPTION: The isUserInRole method inside a JSP * * always returns false, when there is no * * servlet definition for the JSP in the * * WebApplication deployment descriptor. * **************************************************************** * RECOMMENDATION: * **************************************************************** When there is no servlet definition for a JSP in the WebApplication deployment descriptor, there will not be a role-ref to role-link mapping. Since there is no way for us to determine a role-link, the code always returned a false for the isUserInRole in this case.Problem conclusion As per the Servlet 2.3 specification, if a role-ref to role-link mapping is missing, use user provided rolename, i.e role-ref=role-link. APAR PQ72630 is associated with SERVICE LEVEL W401504 of WebSphere Application Server version 4.0.1 for z/OS and OS/390.Temporary fix Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros
|
Document Information |
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server for z/OS
Operating system(s):
Software version: 401
Software edition:
Reference #: PQ72630
IBM Group: Software Group
Modified date: Jun 5, 2003
(C) Copyright IBM Corporation 2000, 2006. All Rights Reserved.