PQ71760: CLARIFY SECTION DETERMINING THE USER ID FOR RESOURCE AUTHENTICATION IN ASSEMBLING J2EE APPLICATIONS

APAR status
Closed as documentation error.

Error description
Application assemblers or deployers use the res-auth deployment
element to specify whether the container or application
component will determine the user ID. They also may set or alter
the user ID through the RunAsor Set OS thread identity to
RunAs identity deployment descriptor elements.  Application
assemblers use the WebSphere for z/OS Application Assembly tool
to set these elements in the deployment descriptor.
.
Application installers can configure a WebSphere for z/OS J2EE
server to honor an applications use of the Set OS thread
identity to RunAs identity deployment descriptor element along
with container-managed resource authentication.
To do so, they use the Administration application to select the
Enable Setting OS thread ID to RunAs ID property.
.
The "Set OS thread identity to RunAs identity"deployment
descriptor element is not required in the above statements.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: All users of WebSphere Application Server    *
*                 version 4.0.1 for z/OS and OS/390            *
****************************************************************
* PROBLEM DESCRIPTION: Application installers can configure a  *
*                      WebSphere for z/OS J2EE server to honor *
*                      an applications use of the Set OS       *
*                      thread identity to RunAs identity       *
*                      deployment descriptor element along     *
*                      with container-managed resource         *
*                      authentication. To do so, they use the  *
*                      Administration application to select    *
*                      the Enable Setting OS thread ID to      *
*                      RunAs ID property.                      *
*                      The "Set OS thread identity to RunAs    *
*                      identity" deployment descriptor element *
*                      is not required.                        *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
Application assemblers or deployers use the res-auth deployment
element to specify whether the container or application
component will determine the user ID. They also may set or alter
the user ID through the RunAsor Set OS thread identity to
RunAs identity deployment descriptor elements.  Application
assemblers use the WebSphere for z/OS Application Assembly tool
to set these elements in the deployment descriptor.
Application installers can configure a WebSphere for z/OS J2EE
server to honor an applications use of the Set OS thread
identity to RunAs identity deployment descriptor element along
with container-managed resource authentication.
To do so, they use the Administration application to select the
Enable Setting OS thread ID to RunAs ID property.
The "Set OS thread identity to RunAs identity"deployment
descriptor element is not required in the above statements.
Problem conclusion
The following information was revised as a result of
APAR PQ71760:
The third bullet in Chapter 4, section "
Determining the user ID for resource authentication" of
"WebSphere Application Server V4.0.1 for z/OS and OS/390
Assembling Java2 Platform, Enterprise Edition (J2EE)
Applications," SA22-7836-06, has been changed to the following:
Application installers can configure a WebSphere for z/OS J2EE
server to honor an application's deployment descriptor settings
for RunAs and for container-managed authentication. To do so,
they use the Administration application to select the Enable
Setting OS thread ID to RunAs ID property.

NOTE: Periodically, we refresh the documentation on our Web site
so these changes might have been made before you read this text.
To access the latest on-line documentation, go to the WebSphere
Application Server for z/OS library page at URL:

www.ibm.com/software/webservers/appserv/zos_os390/library/
Temporary fix Comments
APAR information
APAR number PQ71760
Reported component name WASKBASE
Reported component ID 5655A9801
Reported release 401
Status CLOSED DOC
PE NoPE
HIPER NoHIPER
Submitted date 2003-03-06
Closed date 2003-09-08
Last modified date 2003-09-08

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros

Fix information

Applicable component levels


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server for z/OS
Operating system(s):
Software version: 401
Software edition:
Reference #: PQ71760
IBM Group: Software Group
Modified date: Sep 8, 2003