PQ60141: INTERNAL APAR FOR WEBSPHERE APPLICATION SERVER V4.0 AND V4.01 FOR Z/OS AND OS/390 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description This is an internal APAR to ship fixes in the V4.0 and V4.0.1 WebSphere Application Server for z/OS and OS/390 for APARs fixed in V3.5 of the product. This APAR will also ship fixes for internal V4.0 and V4.0.1 defects.Local fix Problem summary **************************************************************** * USERS AFFECTED: All users of the WebSphere Application * * Server for z/OS and OS/390 Versions V4.0 * * and V4.0.1. * **************************************************************** * PROBLEM DESCRIPTION: This APAR includes fixes for V3.5 APARs * * that also apply to V4.0 and V4.0.1 of * * the WebSphere Application Server for * * z/OS and OS/390. This APAR also * * includes fixes for V4.0 and V4.0.1 * * internal defects. * * * * Internal defect descriptions: * * 81153 - * * V4.0: Change the service level to 17. * * V4.0.1: Change the service level to 9. * * * * 81046 - (V4.0.1 only) * * Web Security does not properly handle * * user-data-constraint for Form Based * * Authentication, causing the "login * * screen" to be incorrectly displayed * * again. This problem only happens when * * the request comes in from the Plug-In * * side. * * * * V3.5 APARs included: * * PQ59938 * * PQ59939 * * PQ60020 * **************************************************************** * RECOMMENDATION: * **************************************************************** This APAR includes fixes for WebSphere Application Server Version 3.5 APARs that also apply to the WebSphere Application Server Versions V4.0 and V4.0.1. It also includes fixes for V4.0 and V4.0.1 internal defects. Internal Defect Summary: 81153 - V4.0: The service level needs to be changed from 16 to 17. V4.0.1: The service level needs to be changed from 8 to 9. 81046 - The problem came in from 2 areas in the Plug-In side: (1) The URL pattern match for Web security does not properly handle the case where one context root is a substring of another context root and, therefore, a mismatch may happen. (2) The Web security check on <user-data-constraint> did not properly handle the multiple <security-constraint> within the same Web application. It may mismatch the <user-data-constraint> with another <http-method> and the correct <user-data-constraint> may be ignored. In the Form Based Authentication case, the "login screen" is resent to the user as a result of the mismatch. The following Version 3.5 APAR fixes are added to Versions V4.0 and V4.0.1 and shipped with this APAR. Refer to the closing text for the individual APARs for more information about the reported problem. The APAR Abstract information is provided here. PQ59938 - WHEN RUNNING MULTIPLE VERSIONS OF A CLASS, IN SEPARATE WEB APPLICATIONS, OS/390 APPSERVER MAY TAKE A CLASSCASTEXCEPTION. PQ59939 - CUSTOMER GETS A JAVA.LANG.ILLEGALSTATEEXCEPTION ON OS/390 WEBSPHERE APPLICATION SERVER. PQ60020 - USING PERSISTENT SESSIONS, WHEN TRYING TO SAVE AN OBJECT GREATER THAN 32K, THE OBJECT IS NOT SAVED AND NO ERROR MESSAGE IS ISSUEDProblem conclusion 81046 - Changes were made to (1) Ensure a "/" is immediately after the context root when the comparison is performed. (2) Remove the <security-constraint> checking in the Plug-In side since it is performed in the Web-Container side anyway. 81153 - V4.0: The Product Service Level is changed from 16 to 17, and the Product Service Descriptor is changed from L00PTF16 to L00PTF17 for both the V4.0 runtime and the Web container. V4.0.1: The Product Service Level is changed from 8 to 9, and the Product Service Descriptor is changed from L00PTF08 to L00PTF09 for both the V4.0.1 runtime and the Web container. For the following Version 3.5 APARs, please refer to the closing text for the individual APARs for the changes that were made. PQ59938 PQ59939 PQ60020 This change affects the following COMPIDs: 5655A9800 R400 for z/OS and OS/390. 5655A9800 R401 for z/OS and OS/390. The code changes are stored in CMVC under defects 81046, 81153, PQ59938, PQ59939, 80897, and PQ60020. 400Y 401Y EJSCASIN EJSCCLAS EJSCCMSV EJSCCNFG EJSCJNUT EJSCJNWR EJSCLOAD EJSCLOGR EJSCOEUT EJSCOSUT EJSCPLUG EJSCPLUT EJSCPOOL EJSCPROP EJSCRULS EJSCSTUB EJSCSVHS EJSCVALD EJSCVERS EJSCWSUT EJSJSVJR EJSJWBJR EJSJWCWC EJSJWC04 EJSLNLS EJSTLDAT EJSXASIN EJSXJVMX * Cross Reference between External and Internal NamesTemporary fix ********* * HIPER * ********* A PTF will be supplied for Versions V4.0 and V4.01.Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: UQ65664 Modules/Macros
|
Document Information |
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server for z/OS
Operating system(s):
Software version: 401
Software edition:
Reference #: PQ60141
IBM Group: Software Group
Modified date: May 2, 2002
(C) Copyright IBM Corporation 2000, 2006. All Rights Reserved.