PQ60141: INTERNAL APAR FOR WEBSPHERE APPLICATION SERVER V4.0 AND V4.01 FOR Z/OS AND OS/390

 A fix may be available

Obtain the fix for this APAR



APAR status
Closed as program error.

Error description
This is an internal APAR to ship fixes in the V4.0 and V4.0.1
WebSphere Application Server for z/OS and OS/390 for APARs
fixed in V3.5 of the product.  This APAR will also ship
fixes for internal V4.0 and V4.0.1 defects.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: All users of the WebSphere Application       *
*                 Server for z/OS and OS/390 Versions V4.0     *
*                 and V4.0.1.                                  *
****************************************************************
* PROBLEM DESCRIPTION: This APAR includes fixes for V3.5 APARs *
*                      that also apply to V4.0 and V4.0.1 of   *
*                      the WebSphere Application Server for    *
*                      z/OS and OS/390.  This APAR also        *
*                      includes fixes for V4.0 and V4.0.1      *
*                      internal defects.                       *
*                                                              *
*                      Internal defect descriptions:           *
*                      81153 -                                 *
*                       V4.0: Change the service level to 17.  *
*                       V4.0.1: Change the service level to 9. *
*                                                              *
*                      81046 - (V4.0.1 only)                   *
*                       Web Security does not properly handle  *
*                       user-data-constraint for Form Based    *
*                       Authentication, causing the "login     *
*                       screen" to be incorrectly displayed    *
*                       again. This problem only happens when  *
*                       the request comes in from the Plug-In  *
*                       side.                                  *
*                                                              *
*                      V3.5 APARs included:                    *
*                       
PQ59938                                *
*                       
PQ59939                                *
*                       
PQ60020                                *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
This APAR includes fixes for WebSphere Application Server
Version 3.5 APARs that also apply to the WebSphere Application
Server Versions V4.0 and V4.0.1.  It also includes fixes for
V4.0 and V4.0.1 internal defects.

Internal Defect Summary:

81153 -
 V4.0:   The service level needs to be changed from 16 to 17.
 V4.0.1: The service level needs to be changed from 8 to 9.

81046 -
 The problem came in from 2 areas in the Plug-In side:
 (1) The URL pattern match for Web security does not properly
     handle the case where one context root is a substring of
     another context root and, therefore, a mismatch may
     happen.
 (2) The Web security check on <user-data-constraint> did not
     properly handle the multiple <security-constraint> within
     the same Web application.  It may mismatch the
     <user-data-constraint> with another <http-method> and
     the correct <user-data-constraint> may be ignored. In the
     Form Based Authentication case, the "login screen" is
     resent to the user as a result of the mismatch.

The following Version 3.5 APAR fixes are added to Versions V4.0
and V4.0.1 and shipped with this APAR.  Refer to the closing
text for the individual APARs for more information about the
reported problem.  The APAR Abstract information is provided
here.


PQ59938 -
 WHEN RUNNING MULTIPLE VERSIONS OF A CLASS, IN SEPARATE WEB
 APPLICATIONS, OS/390 APPSERVER MAY TAKE A CLASSCASTEXCEPTION.


PQ59939 -
 CUSTOMER GETS A JAVA.LANG.ILLEGALSTATEEXCEPTION ON OS/390
 WEBSPHERE APPLICATION SERVER.


PQ60020 -
 USING PERSISTENT SESSIONS, WHEN TRYING TO SAVE AN OBJECT
 GREATER THAN 32K, THE OBJECT IS NOT SAVED AND NO ERROR MESSAGE
 IS ISSUED
Problem conclusion
81046 -
 Changes were made to
 (1) Ensure a "/" is immediately after the context root when
     the comparison is performed.
 (2) Remove the <security-constraint> checking in the Plug-In
     side since it is performed in the Web-Container side
     anyway.

81153 -
 V4.0:
 The Product Service Level is changed from 16 to 17, and the
 Product Service Descriptor is changed from L00PTF16 to
 L00PTF17 for both the V4.0 runtime and the Web container.

 V4.0.1:
 The Product Service Level is changed from 8 to 9, and the
 Product Service Descriptor is changed from L00PTF08 to
 L00PTF09 for both the V4.0.1 runtime and the Web container.

For the following Version 3.5 APARs, please refer to the closing
text for the individual APARs for the changes that were made.
 
PQ59938
 
PQ59939
 
PQ60020

This change affects the following COMPIDs:
5655A9800 R400 for z/OS and OS/390.
5655A9800 R401 for z/OS and OS/390.

The code changes are stored in CMVC under defects 81046, 81153,
 
PQ59938, 
PQ59939, 80897, and 
PQ60020.

400Y
401Y
EJSCASIN
EJSCCLAS
EJSCCMSV
EJSCCNFG
EJSCJNUT
EJSCJNWR
EJSCLOAD
EJSCLOGR
EJSCOEUT
EJSCOSUT
EJSCPLUG
EJSCPLUT
EJSCPOOL
EJSCPROP
EJSCRULS
EJSCSTUB
EJSCSVHS
EJSCVALD
EJSCVERS
EJSCWSUT
EJSJSVJR
EJSJWBJR
EJSJWCWC
EJSJWC04
EJSLNLS
EJSTLDAT
EJSXASIN
EJSXJVMX

* Cross Reference between External and Internal Names
Temporary fix
*********
* HIPER *
*********
A PTF will be supplied for Versions V4.0 and V4.01.
Comments
APAR information
APAR number PQ60141
Reported component name WEBSPHERE OS/39
Reported component ID 5655A9800
Reported release 401
Status CLOSED PER
PE NoPE
HIPER YesHIPER
Submitted date 2002-04-16
Closed date 2002-04-26
Last modified date 2002-05-02

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:
UQ65664

Modules/Macros
EJSCASIN EJSCCLAS EJSCCMSV EJSCCNFG EJSCJNUT EJSCJNWR
EJSCLOAD EJSCLOGR EJSCOEUT EJSCOSUT EJSCPLUG EJSCPLUT
EJSCPOOL EJSCPROP EJSCRULS EJSCSTUB EJSCSVHS EJSCVALD
EJSCVERS EJSCWSUT EJSJSVJR EJSJWBJR EJSJWCWC EJSJWC04
EJSLNLS EJSTLDAT EJSXASIN EJSXJVMX    

Fix information
Fixed component name WEBSPHERE OS/39
Fixed component ID 5655A9800

Applicable component levels
R400 PSY UQ65664    UP02/05/01 P F204
R401 PSY UQ65665    UP02/05/01 P F204

  Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server for z/OS
Operating system(s):
Software version: 401
Software edition:
Reference #: PQ60141
IBM Group: Software Group
Modified date: May 2, 2002