IBM Support

PM10814; 7.0.0.5: Exception thrown obtaining connection from the connection pool

Download


Abstract

AccessControlException thrown obtaining a connection from the connection pool, when Java 2 and Bus security are both enabled

Download Description

PM10814 resolves the following problem:

ERROR DESCRIPTION:
The following exception is seen when doing a receive call:

java.security.AccessControlException: Access denied
(javax.security.auth.PrivateCredentialPermission
com.ibm.ws.security.token.SingleSignonTokenImpl read)
at
java.security.AccessController.checkPermission(AccessController.
java:108)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:5
33)
at
com.ibm.ws.security.core.SecurityManager.checkPermission(Securit
yManager.java:211)
at
javax.security.auth.Subject$SecureSet$1.next(Subject.java:1228)
at java.util.HashSet.(HashSet.java:76)
at javax.security.auth.Subject.equals(Subject.java:1011)
at
com.ibm.ws.sib.processor.impl.ConnectionImpl.isEquivalentTo(Conn
ectionImpl.java:3892)
at
com.ibm.ws.sib.api.jmsra.impl.JmsJcaManagedConnection.match(JmsJ
caManagedConnection.java:1144)
at
com.ibm.ws.sib.api.jmsra.impl.JmsJcaManagedConnectionFactoryImpl
.matchManagedConnections(JmsJcaManagedConnectionFactoryImpl.java
:636)

LOCAL FIX:

PROBLEM SUMMARY

USERS AFFECTED:
Users of the default messaging provider for IBM WebSphere Application Server Version 7.0

PROBLEM DESCRIPTION:
AccessControlException thrown obtaining a connection from the connection pool, when Java 2 and Bus security are both enabled

RECOMMENDATION:
None

The AccessControlException is thrown due to an equals check being performed on the security Subject outside of a privileged action.

The AccessControlException occurs when Bus security and Java 2 security are both enabled, and a connection is matched in the connection pool. The AccessControlException is likely to occur when doing a JMS receive call, but can occur for other JMS calls that requires enlistment in a transaction (or otherwise requires a connection to be matched from the pool).

PROBLEM CONCLUSION:
The fix for this APAR resolves the problem by ensuring the equals method on the Subject is called with the correct Java 2 security privilege.

The fix for this APAR is currently targeted for inclusion in
fix pack 7.0.0.11. Please refer to the Recommended Updates
page for delivery information:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980

Prerequisites

Please download the UpdateInstaller below to install this fix.

[{"PRLabel":"UpdateInstaller","PRLang":"US English","PRSize":"7250000","PRPlat":{"label":"AIX","code":"PF002"},"PRURL":"http://www.ibm.com/support/docview.wss?rs=180&uid=swg21205991"}]

Installation Instructions

Please review the readme.txt for detailed installation instructions.

[{"INLabel":"Readme","INLang":"US English","INSize":"8087","INURL":"ftp://public.dhe.ibm.com/software/websphere/appserv/support/fixes/PM10814/readme.txt"}]
On
[{"DNLabel":"7.0.0.5-WS-WAS-IFPM10814","DNDate":"4/13/2010","DNLang":"US English","DNSize":"53483","DNPlat":{"label":"AIX","code":"PF002"},"DNURL":"http://www.ibm.com/support/fixcentral/quickorder?fixids=7.0.0.5-WS-WAS-IFPM10814&product=ibm%2FWebSphere%2FWebSphere%20Application%20Server&source=dbluesearch","DNURL_FTP":"ftp://public.dhe.ibm.com/software/websphere/appserv/support/fixes/PM10814/7.0.0.5-WS-WAS-IFPM10814.pak","DDURL":"http://public.dhe.ibm.com:7618;sw_websphere;appserv/support/fixes/PM10814/7.0.0.5-WS-WAS-IFPM10814.pak"}]

Technical Support

Contact IBM Support using SR (http://www.ibm.com/software/support/probsub.html), visit the WebSphere Application Server support web site (http://www.ibm.com/software/webservers/appserv/was/support/), or contact 1-800-IBM-SERV (U.S. only).

[{"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Service Integration Technology","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF012","label":"IBM i"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"7.0.0.5;7.0.0.7;7.0.0.9","Edition":"Base;Network Deployment;Single Server","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
15 June 2018

UID

swg24026584