IBM Support

PM97228: AN EXCEPTION CAN OCCUR WHEN AN LTPA TOKEN TIMEOUT OCCURS AND THE CDI WEBBEANSCONFIGURATIONLISTENER ACCESSES THE SESSION

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • The following exception can be seen if Contexts and Dependency
    Injection (CDI) is enabled and the Lightweight Third-Party
    Authentication (LTPA) token times out:
    
    7/18/13 20:43:33:423 EDT] 00000040
    com.ibm.ws.session.WASSessionCore E SESN0008E: A user
    authenticated as anonymous has attempted to access a session
    owned by user: <userInformation>
    [7/18/13 20:43:33:423 EDT] 00000040
    org.apache.webbeans.servlet.WebBeansConfigurationListener E An
    error occured while starting request :
    [com.ibm.ws.webcontainer.srt.SRTServletRequest@a14d2715]
    [7/18/13 20:43:33:424 EDT] 00000040
    com.ibm.ws.webcontainer.webapp E SRVE0315E: An execption
    occurred: com.ibm.ws.webcontainer.webapp.WebAppErrorReport:
    com.ibm.websphere.servlet.session.UnauthorizedSessionRequestExce
    ption: SESN0008E: A user authenticated as anonymous has
    attempted to access a session owned by
    user:<userInformation>
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  IBM WebSphere Application Server            *
    *                  Full Profile and Liberty Profile versions   *
    *                  8.0 and 8.5.5 users of CDI.                 *
    ****************************************************************
    * PROBLEM DESCRIPTION: An exception can occur when an LTPA     *
    *                      token timeout occurs and the CDI        *
    *                      WebBeansConfigurationListener           *
    *                      accesses the session.                   *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    The following exception can occur when using CDI and an LTPA
    token timeout occurs the following exception can occur:
    [7/18/13 20:43:33:423 EDT] 00000040
    org.apache.webbeans.servlet.WebBeansConfigurationListener E An
    error occured while starting request :
    [com.ibm.ws.webcontainer.srt.SRTServletRequest@a14d2715]
    [7/18/13 20:43:33:424 EDT] 00000040
    com.ibm.ws.webcontainer.webapp E SRVE0315E: An execption
    occurred: com.ibm.ws.webcontainer.webapp.WebAppErrorReport:
    com.ibm.websphere.servlet.session.UnauthorizedSessionRequestExce
    ption: SESN0008E: A user authenticated as anonymous has
    attempted to access a session owned by
    user:<userInformation>
    

Problem conclusion

  • The CDI runtime was updated to prevent the exception when an
    LTPA token timeout occurs.
    
    The fix for this APAR is currently targeted for inclusion in
    fix packs 8.0.0.8 and 8.5.5.2. Please refer to the Recommended
    Updates page for delivery information:
    http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
    

Temporary fix

Comments

APAR Information

  • APAR number

    PM97228

  • Reported component name

    LIBERTY PROFILE

  • Reported component ID

    5724J0814

  • Reported release

    850

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2013-09-17

  • Closed date

    2013-10-09

  • Last modified date

    2013-11-26

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    LIBERTY PROFILE

  • Fixed component ID

    5724J0814

Applicable component levels

  • R850 PSY

       UP



Document information

More support for: WebSphere Application Server

Software version: 850

Reference #: PM97228

Modified date: 26 November 2013