IBM Support

PM29816: Web Services requests fail with a Java 2 security exception after PM20957

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • APAR PM20957 introduced a Java 2 security exception with the
    following stack:
    java.security.AccessControlException: Access denied
       (org.osgi.framework.ServicePermission
       com.ibm.wsspi.cluster.adapter.channel.
           ChannelSelectionAdapter get)
     at java.security.AccessController.
               checkPermission(AccessController.java:103)
     at java.lang.SecurityManager.checkPermission
               (SecurityManager.java:558)
     at com.ibm.ws.security.core.SecurityManager.
               checkPermission(SecurityManager.java:214)
     at org.eclipse.osgi.framework.internal.core.Framework.
               checkGetServicePermission(Framework.java:1331)
     at org.eclipse.osgi.framework.internal.core.Framework.
               getServiceReferences(Framework.java:1187)
     at org.eclipse.osgi.framework.internal.core.
               BundleContextImpl.getServiceReference(
               BundleContextImpl.java:757)
     at com.ibm.wsspi.runtime.service.WsServiceRegistry.
               getService(WsServiceRegistry.java:105)
     at com.ibm.ws.websvcs.transport.http.
               OutboundURLTargetResolver.identityToCFEndPoint(
               OutboundURLTargetResolver.java:1092)
     at com.ibm.ws.websvcs.transport.http.
               OutboundURLTargetResolver.getOutboundTarget(
               OutboundURLTargetResolver.java:370)
     at com.ibm.ws.websvcs.transport.http.SOAPOverHTTPSender
               .<init>(SOAPOverHTTPSender.java:1618)
     at com.ibm.ws.websvcs.transport.http.
               HTTPTransportSender.invoke(
               HTTPTransportSender.java:301)
     at org.apache.axis2.engine.AxisEngine.send(
               AxisEngine.java:712)
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  All users of IBM WebSphere Application      *
    *                  Server V6.1 with JAX-WS Web services with   *
    *                  Java2 security enabled                      *
    ****************************************************************
    * PROBLEM DESCRIPTION: JAX-WS Web services applications may    *
    *                      get Java 2 security violation when      *
    *                      run in a Java 2 security enabled        *
    *                      environment.                            *
    ****************************************************************
    * RECOMMENDATION:  Install a fix pack that includes this APAR. *
    ****************************************************************
    A regression was introduced in WebSphere Application Server
    V6.1.0.35 that could cause a
    java.security.AccessControlException when Java 2 Security is
    enabled.  This problem affects  only JAX-RPC Web Services
    applications that are installed on the application server, and
    the problem only occurs when one of the following conditions
    is true:
    
    * WS-Addressing is enabled.
    
    * The enableInProcessConnections Web Container property is
    enabled on the server side.
    
    * The Remote Request Dispatcher (RRD) Web Container extension
    is enabled.
    
    The following exception may appear in the SystemOut.log:
    
    java.security.AccessControlException: Access denied
      (org.osgi.framework.ServicePermission
    com.ibm.wsspi.cluster.adapter.channel.ChannelSelectionAdapter
    get)
     at
    java.security.AccessController.checkPermission(AccessController.
    java:103)
     at
    java.lang.SecurityManager.checkPermission(SecurityManager.java:5
    58)
     at
    com.ibm.ws.security.core.SecurityManager.checkPermission(Securit
    yManager.java:214)
     at
    org.eclipse.osgi.framework.internal.core.Framework.checkGetServi
    cePermission(Framework.java:1331)
     at
    org.eclipse.osgi.framework.internal.core.Framework.getServiceRef
    erences(Framework.java:1187)
     at
    org.eclipse.osgi.framework.internal.core.BundleContextImpl.getSe
    rviceReference(BundleContextImpl.java:757)
     at
    com.ibm.wsspi.runtime.service.WsServiceRegistry.getService(WsSer
    viceRegistry.java:105)
     at
    com.ibm.ws.websvcs.transport.http.OutboundURLTargetResolver.iden
    tityToCFEndPoint(OutboundURLTargetResolver.java:1092)
     at
    com.ibm.ws.websvcs.transport.http.OutboundURLTargetResolver.getO
    utboundTarget(OutboundURLTargetResolver.java:370)
     at
    com.ibm.ws.websvcs.transport.http.SOAPOverHTTPSender.<init>(SOAP
    OverHTTPSender.java:1618)
     at
    com.ibm.ws.websvcs.transport.http.HTTPTransportSender.invoke(HTT
    PTransportSender.java:301)
     at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:712)
    ...
    

Problem conclusion

Temporary fix

Comments

APAR Information

  • APAR number

    PM29816

  • Reported component name

    WEBSPHERE APP S

  • Reported component ID

    5724J0800

  • Reported release

    61A

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2011-01-04

  • Closed date

    2011-01-12

  • Last modified date

    2011-02-10

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    PM37351

Fix information

  • Fixed component name

    WEBSPHERE APP S

  • Fixed component ID

    5724J0800

Applicable component levels

  • R61A PSY

       UP

  • R61H PSY

       UP

  • R61I PSY

       UP

  • R61P PSY

       UP

  • R61S PSY

       UP

  • R61W PSY

       UP

  • R61Z PSY

       UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"6.1","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
27 October 2021