IBM Support

PI07385: PERFORMANCE ISSUE ON JAX-WS CLIENT WHEN SECURITY IS ENABLED

Fixes are available

8.5.5.2: WebSphere Application Server V8.5.5 Fix Pack 2
7.0.0.33: WebSphere Application Server V7.0 Fix Pack 33
8.0.0.9: WebSphere Application Server V8.0 Fix Pack 9
8.5.5.3: WebSphere Application Server V8.5.5 Fix Pack 3
7.0.0.35: WebSphere Application Server V7.0 Fix Pack 35
8.5.5.4: WebSphere Application Server V8.5.5 Fix Pack 4
8.0.0.10: WebSphere Application Server V8.0 Fix Pack 10
7.0.0.37: WebSphere Application Server V7.0 Fix Pack 37
8.5.5.5: WebSphere Application Server V8.5.5 Fix Pack 5
8.5.5.6: WebSphere Application Server V8.5.5 Fix Pack 6
8.0.0.11: WebSphere Application Server V8.0 Fix Pack 11
8.5.5.7: WebSphere Application Server V8.5.5 Fix Pack 7
7.0.0.39: WebSphere Application Server V7.0 Fix Pack 39
8.5.5.8: WebSphere Application Server V8.5.5 Fix Pack 8
8.0.0.12: WebSphere Application Server V8.0 Fix Pack 12
8.5.5.9: WebSphere Application Server V8.5.5 Fix Pack 9
7.0.0.41: WebSphere Application Server V7.0 Fix Pack 41
8.5.5.10: WebSphere Application Server V8.5.5 Fix Pack 10
8.5.5.11: WebSphere Application Server V8.5.5 Fix Pack 11
8.0.0.13: WebSphere Application Server V8.0 Fix Pack 13
7.0.0.43: WebSphere Application Server V7.0 Fix Pack 43
8.5.5.12: WebSphere Application Server V8.5.5 Fix Pack 12
8.0.0.14: WebSphere Application Server V8.0 Fix Pack 14
8.5.5.13: WebSphere Application Server V8.5.5 Fix Pack 13
7.0.0.45: WebSphere Application Server V7.0 Fix Pack 45
8.0.0.15: WebSphere Application Server V8.0 Fix Pack 15
7.0.0.45: Java SDK 1.6 SR16 FP60 Cumulative Fix for WebSphere Application Server
7.0.0.35: Java SDK 1.6 SR16 FP1 Cumulative Fix for WebSphere Application Server
7.0.0.37: Java SDK 1.6 SR16 FP3 Cumulative Fix for WebSphere Application Server
7.0.0.39: Java SDK 1.6 SR16 FP7 Cumulative Fix for WebSphere Application Server
7.0.0.41: Java SDK 1.6 SR16 FP20 Cumulative Fix for WebSphere Application Server
7.0.0.43: Java SDK 1.6 SR16 FP41 Cumulative Fix for WebSphere Application Server
8.5.5.14: WebSphere Application Server V8.5.5 Fix Pack 14

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • When a JAX-WS client is run on an application server, service
    calls are slower when base security is enabled than when it
    isn't.
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  IBM WebSphere Application Server users of   *
    *                  JAX-WS client applications                  *
    ****************************************************************
    * PROBLEM DESCRIPTION: When a JAX-WS client is run on an       *
    *                      application server, service calls are   *
    *                      slower when security is enabled than    *
    *                      when it isn't                           *
    ****************************************************************
    * RECOMMENDATION:  Install a fix pack that contains this       *
    *                  APAR.                                       *
    ****************************************************************
    When a JAX-WS client is run on an application server, service
    calls are slower when base security is enabled than when it
    isn't.
    

Problem conclusion

  • On an application server, when a JAX-WS client makes a service
    call, if base security is enabled, the WebSphere security
    context is serialized to the web services message context.
    This is done because there are down stream handlers that may
    need to serialize the entire message context (WS-Reliable
    Messaging for example).
    
    Since this serialization process is very slow and can cause
    problems if non-serializable objects are in the security
    context, there should be a way to turn it off.
    
    The following web services custom property is added:
    com.ibm.websvcs.client.serializeSecurityContext
    
    When this custom property is set to false in the request
    context on the binding provider for the service call, the
    serialization will not be performed.  For example:
    
    javax.xml.ws.BindingProvider bp;
    
    bp.getRequestContext().put("com.ibm.websvcs.client.serializeSecu
    rityContext", "false");
    
    The default value for this property is true.
    
    The WS-Reliable Messaging qualities of service managed
    persistent and managed non-persistent require that the
    request, including the SecurityContext, is serializable to
    persistent storage.  Therefore if WS-Reliable messaging is
    also configured on such a request with either managed
    persistent or managed non-persistent qualities of service the
    request will not be sent and you'll receive a message like:
    
    CWSKA0112E: There is a conflict between the
    WS-ReliableMessaging quality of service managedPersistent and
    the BindingProvider property
    com.ibm.websvcs.client.serializeSecurityContext having the
    value false.
    
    The fix for this APAR is currently targeted for inclusion in
    fix packs 7.0.0.33, 8.0.0.9, and 8.5.5.2.  Please refer to the
    Recommended Updates page for delivery information:
    http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
    

Temporary fix

Comments

APAR Information

  • APAR number

    PI07385

  • Reported component name

    WEBSPHERE APP S

  • Reported component ID

    5724J0800

  • Reported release

    700

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2013-12-04

  • Closed date

    2014-03-07

  • Last modified date

    2014-03-07

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WEBSPHERE APP S

  • Fixed component ID

    5724J0800

Applicable component levels

  • R700 PSY

       UP

  • R800 PSY

       UP

  • R850 PSY

       UP



Document information

More support for: WebSphere Application Server
General

Software version: 7.0

Reference #: PI07385

Modified date: 07 March 2014