IBM Support

PM28027: JAX-RPC WS-Security runtime may not consume LTPA_PROPAGATION tokens

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • The LTPATokenConsumer in the JAX-RPC WS-Security runtime may not
    consume LTPA_PROPAGATION tokens.
    
    When the LTPATokenConsumer receives an LTPA_PROPAGATION token a
    java.lang.NullPointerException error occurs.
    

Local fix

  • Candidate to be fixed in next release.
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  IBM WebSphere Application Server V7.0 users *
    *                  of WS-Security enabled JAX-RPC applications *
    *                  and LTPA_PROPAGATION tokens                 *
    ****************************************************************
    * PROBLEM DESCRIPTION: JAX-RPC WS-Security may not consume     *
    *                      LTPA_PROPAGATION tokens                 *
    ****************************************************************
    * RECOMMENDATION:  Install a fix pack that included this APAR  *
    ****************************************************************
    The LTPATokenConsumer in the JAX-RPC WS-Security runtime may not
    consume LTPA_PROPAGATION tokens.  When the LTPATokenConsumer
    receives the a same LTPA_PROPAGATION token the second time,
    the following error occurs:
    
    com.ibm.wsspi.wssecurity.SoapSecurityException: WSEC5520E: An
    exception occurred during token processing. The exception is :
    java.lang.NullPointerException: null
    

Problem conclusion

  • When an LTPA_PROPAGATION token is received in the
    LTPATokenConsumer the first time, a Token object is created
    for the token that is received in the message.
    
    Whan the same LTPA_PROPAGATION token is received again,
    the token is retrieved from the cache, but a
    Token object is not created from the token retrieved from the
    cache; this leaves the Token object null.  When the Token
    object is later operated on in the LTPATokenConsumer, a
    java.lang.NullPointerException error occurs.
    
    The LTPATokenConsumer is updated to ensure that a Token object
    is created for LTPA_PROPAGATION tokens that are retrieved from
    the cache.
    
    The fix for this APAR is currently targeted for inclusion in
    fix pack 7.0.0.17.  Please refer to the Recommended Updates
    page for delivery information:
    http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
    

Temporary fix

Comments

APAR Information

  • APAR number

    PM28027

  • Reported component name

    WEBSPHERE APP S

  • Reported component ID

    5724J0800

  • Reported release

    700

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2010-12-02

  • Closed date

    2011-01-18

  • Last modified date

    2011-01-18

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WEBSPHERE APP S

  • Fixed component ID

    5724J0800

Applicable component levels

  • R700 PSY

       UP



Document information

More support for: WebSphere Application Server
General

Software version: 7.0

Reference #: PM28027

Modified date: 18 January 2011