Download
Abstract
com.ibm.ws.security.oauth20.token.impl export is missing from the file com.ibm.ws.security.oauth2.jar
Download Description
PI34326 resolves the following problem:
ERROR DESCRIPTION:
The following message in SystemOut.log very frequently:
CompoundClass > loadClass
com.ibm.ws.security.oauth20.token.impl.WSOAuth20TokenImpl
this=com.ibm.ws.classloader.CompoundClassLoader@4aeb5665[PL][appwar:Communities] Entry
CompoundClass < loadClass
com.ibm.ws.security.oauth20.token.impl.WSOAuth20TokenImpl
failed Exit
java.lang.ClassNotFoundException:
com.ibm.ws.security.oauth20.token.impl.WSOAuth20TokenImpl
WSOpaqueToken W SECJ5003W: An error occurred while de-serializing a custom object from the inbound authorization token. This does not cause the request to fail but this custom object will not get restored in the inbound Subject.
LOCAL FIX:
None
PROBLEM SUMMARY
USERS AFFECTED:
IBM WebSphere Application Server users of the OAuth TAI
PROBLEM DESCRIPTION:
com.ibm.ws.security.oauth20.token.impl export is missing from the file com.ibm.ws.security.oauth2.jar
RECOMMENDATION:
Install a fix pack that contains this APAR.
When using the OAuth Trust Association Interceptor (TAI), you may see messages like the following in SystemOut.log:
CompoundClass < loadClass
com.ibm.ws.security.oauth20.token.impl.WSOAuth20TokenImpl
failed Exit
java.lang.ClassNotFoundException:
com.ibm.ws.security.oauth20.token.impl.WSOAuth20TokenImpl
WSOpaqueToken W SECJ5003W: An error occurred while de-serializing a custom object from the inbound authorization token. This does not cause the request to fail but this custom object will not get restored in the inbound Subject.
An FFDC like the following is produced:
FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident
FFDC1003I: FFDC Incident emitted on
/opt2/IBM/WebSphere/AppServer/profiles/AppSrv01/logs/ffdc/test_server2_1297b8a0_15.02.02_17.31.23.4156843171133233607947.txt
com.ibm.ws.security.server.lm.wsMapDefaultInboundLoginModule.log
in 1686
The following may be observed in a trace:
wsMapDefaultI 3 Exception deserializing custom objects.
java.lang.ClassNotFoundException:
com.ibm.ws.security.oauth20.token.impl.WSOAuth20TokenImpl
wsMapDefaultI 3 Successfully deserialized a custom privateobject:
{com.ibm.wsspi.security.cred.cacheKey=connectionsProvider-218271251, OAuthProvider=connectionsProvider}
PROBLEM CONCLUSION:
The following export is missing from the com.ibm.ws.security.oauth2.jar file:
com.ibm.ws.security.oauth20.token.impl
The export has been added.
8.5.5.3-WS-WASProd-IFPI34326.zip applies to fixpacks 8.5.5.3 through 8.5.5.5.
8.5.5.6-WS-WASProd-IFPI34326.zip applies to fixpack 8.5.5.6.
The fix for this APAR is currently targeted for inclusion in fix packs 7.0.0.39, 8.0.0.11 and 8.5.5.7. Please refer to the Recommended Updates page for delivery information:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
Keywords: IBMWL3WSS, OAUTH, INTERIMFIX
Prerequisites
None
Installation Instructions
Please review the readme.txt for detailed installation instructions.
Technical Support
Contact IBM Support using SR (http://www.ibm.com/software/support/probsub.html), visit the WebSphere Application Server support web site (http://www.ibm.com/software/webservers/appserv/was/support/), or contact 1-800-IBM-SERV (U.S. only).
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
15 June 2018
UID
swg24040108