IBM Support

PM26672: REQUEST ARE ROUTED TO THE WRONG SERVANT WHEN THE COOKIE NAME IS CHANGED FROM JSESSIONID AT THE APPLICATION LEVEL.

Fixes are available

7.0.0.19: WebSphere Application Server V7.0 Fix Pack 19
7.0.0.21: WebSphere Application Server V7.0 Fix Pack 21
7.0.0.23: WebSphere Application Server V7.0 Fix Pack 23
7.0.0.25: WebSphere Application Server V7.0 Fix Pack 25
7.0.0.27: WebSphere Application Server V7.0 Fix Pack 27
7.0.0.29: WebSphere Application Server V7.0 Fix Pack 29
6.1.0.47: WebSphere Application Server V6.1 Fix Pack 47
7.0.0.31: WebSphere Application Server V7.0 Fix Pack 31
7.0.0.27: Java SDK 1.6 SR13 FP2 Cumulative Fix for WebSphere Application Server
7.0.0.33: WebSphere Application Server V7.0 Fix Pack 33
7.0.0.35: WebSphere Application Server V7.0 Fix Pack 35
7.0.0.37: WebSphere Application Server V7.0 Fix Pack 37
7.0.0.39: WebSphere Application Server V7.0 Fix Pack 39
7.0.0.41: WebSphere Application Server V7.0 Fix Pack 41
7.0.0.43: WebSphere Application Server V7.0 Fix Pack 43
7.0.0.45: WebSphere Application Server V7.0 Fix Pack 45
6.1.0.41: Java SDK 1.5 SR12 FP5 Cumulative Fix for WebSphere Application Server
6.1.0.43: Java SDK 1.5 SR13 Cumulative Fix for WebSphere Application Server
6.1.0.45: Java SDK 1.5 SR14 Cumulative Fix for WebSphere Application Server
6.1.0.47: Java SDK 1.5 SR16 Cumulative Fix for WebSphere Application Server
7.0.0.19: Java SDK 1.6 SR9 FP2 Cumulative Fix for WebSphere Application Server
7.0.0.21: Java SDK 1.6 SR9 FP2 Cumulative Fix for WebSphere
7.0.0.23: Java SDK 1.6 SR10 FP1 Cumulative Fix for WebSphere
7.0.0.25: Java SDK 1.6 SR11 Cumulative Fix for WebSphere Application Server
7.0.0.27: Java SDK 1.6 SR12 Cumulative Fix for WebSphere Application Server
7.0.0.29: Java SDK 1.6 SR13 FP2 Cumulative Fix for WebSphere Application Server
7.0.0.45: Java SDK 1.6 SR16 FP60 Cumulative Fix for WebSphere Application Server
7.0.0.31: Java SDK 1.6 SR15 Cumulative Fix for WebSphere Application Server
7.0.0.35: Java SDK 1.6 SR16 FP1 Cumulative Fix for WebSphere Application Server
7.0.0.37: Java SDK 1.6 SR16 FP3 Cumulative Fix for WebSphere Application Server
7.0.0.39: Java SDK 1.6 SR16 FP7 Cumulative Fix for WebSphere Application Server
7.0.0.41: Java SDK 1.6 SR16 FP20 Cumulative Fix for WebSphere Application Server
7.0.0.43: Java SDK 1.6 SR16 FP41 Cumulative Fix for WebSphere Application Server
Obtain the fix for this APAR.

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • The z-native code relys on retrieving the cookie name from
    server.xml if the cookie name is changed to something different
    than JSESSIONID.
    
    When the cookie name is set at application level it is placed in
    the deployment.xml of the application and the z-native code is
    unable to handle the change in cookie name and route the request
    incorrectly.
    

Local fix

  • Set the cookie name at the server level.
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  All users of IBM WebSphere Application      *
    *                  Server V6.1.0                               *
    ****************************************************************
    * PROBLEM DESCRIPTION: A WebSphere Application Server for z/OS *
    *                      server running with multiple Servants   *
    *                      does not route HTTP requests with       *
    *                      session affinity to the proper Servant. *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    By default, the name of the cookie that carries session affinity
    information is JSESSIONID, however this value can be overridden
    for a specific application or web module.
    
    When a WebSphere for z/OS Controller routes HTTP requests to a
    Servant, it looks for session affinity information in the cookie
    name that is specified at the server level; it does not check
    if the session cookie name is overridden at another level.
    
    Thus, if the option to override the session cookie name at the
    application or web module level is enabled, WebSphere
    Application Server for z/OS servers with more than one Servant
    will not be able to route HTTP requests for that application or
    module to the right Servant.
    

Problem conclusion

  • Code was changed so that when the JVM Custom Property
    com.ibm.ws390.routing.EnableCustomSessionCookieName is set to
    true, the Controller properly checks for an overridden session
    cookie name at the application or web module level for each
    request.
    
    APAR PM26672 APAR requires changes to documentation.
    
    NOTE: Periodically, we refresh the documentation on our
    Web site, so the changes might have been made before you
    read this text. To access the latest on-line
    documentation, go to the product library page at:
    
    http://www.ibm.com/software/webservers/appserv/library
    
    The following changes to the z/OS version of the WebSphere
    Application Server Version 6.1 Information Center will be
    made available in October, 2011.
    
    The following Avoid Trouble note will be added to the
    description of the Enable cookies mechanism in the
    "Session management settings" topic:
    
    Avoid Trouble: If you are running with multiple servants
    enabled, and the session management configuration setting
    for the session cookie name might be overridden at either
    the application or web module level, you must set the
    com.ibm.ws390.routing.EnableCustomSessionCookieName custom
    property to true to enable the controller to continue
    routing requests to the proper servant. If
    com.ibm.ws390.routing.EnableCustomSessionCookieName=true is
    not added to the session management configuration for the
    controller before the session cookie name changes, the
    controller will not be able to properly route requests to
    the affected servants. See the topic "Java Virtual Machine
    custom properties" for more information about this property.
    
    The following information will be added to the
    topic "Java Virtual Machine custom properties":
    
    com.ibm.ws390.routing.EnableCustomSessionCookieName
    
    Use this property to enable routing of requests from the
    controller to the proper servant in a situation where, in
    a multiple servant environment, you are overriding the
    default value for the session cookie name at either the
    application or web module level. The default session
    management configuration setting for the session cookie
    name is JSESSIONID.
    
    If you are running with multiple servants enabled, and
    the session management configuration setting for the
    session cookie name might be overridden at either the
    application or web module level, you must set the
    com.ibm.ws390.routing.EnableCustomSessionCookieName
    custom property to true to enable the controller to
    continue routing requests to the proper servant. If
    com.ibm.ws390.routing.EnableCustomSessionCookieName=true
    is not added to the session management configuration for
    the controller before the session cookie name changes,
    the controller will not be able to properly route
    requests to the affected servants.
    
    This custom property must be set for the controller.
    When specified, this setting applies to all of the
    servants associated with that controller.
    
    This custom property is not required if you are running
    in a single servant environment.
    
    The default value for this property is false.
    
    APAR PM26672 is currently targeted for inclusion in Service
    Level (Fix Pack) 6.1.0.41 of WebSphere Application Server V6.1.
    
    Please refer to URL:
    //www.ibm.com/support/docview.wss?rs=404&uid=swg27006970
    for Fix Pack availability.
    

Temporary fix

Comments

  • ž**** PE12/08/28 PTF IN ERROR. SEE APAR PM71761  FOR DESCRIPTION
    

APAR Information

  • APAR number

    PM26672

  • Reported component name

    WEBSPHERE FOR Z

  • Reported component ID

    5655I3500

  • Reported release

    610

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    YesSpecatt / CST

  • Submitted date

    2010-11-12

  • Closed date

    2011-05-24

  • Last modified date

    2012-09-06

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    PM26774

Fix information

  • Fixed component name

    WEBSPHERE FOR Z

  • Fixed component ID

    5655I3500

Applicable component levels

  • R610 PSY UK73054

       UP11/11/03 P F111

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.



Document information

More support for: WebSphere Application Server for z/OS
General

Software version: 6.1

Reference #: PM26672

Modified date: 06 September 2012