JR52574: STARTSERVICES REST CALL FOR GENERAL SYSTEM SERVICES MIGRATED FROM IBM BPM V126.96.36.199 TO V8.5.5 FAILS WITH CWTBG0568E ERROR
Direct links to fixes
Closed as program error.
When you try to start a service of type BACKGROUND by using the startService REST API, you see the following error: CWTBG0568E : Unable to start service type BACKGROUND due to a restriction: Service type must be AJAX or HUMAN In releases earlier than IBM Business Process Manager (BPM) V8.0, this call was not restricted to services of types Ajax or human.
Use services of type AJAX or HUMAN to wrap existing services of other types.
In IBM BPM V8.0 a potential security problem that allowed any authenticated user to run all types of services was fixed. However, this change limits the type of services that can be started by using a REST call to services that can be exposed to dedicated teams: Ajax and human services may be executed by using REST calls. The change in behavior is intentional, but you might depend on the previous behavior. Currently, these applications cannot work without wrapping existing services in human or Ajax service implementations.
A fix for IBM BPM V188.8.131.52 enables administrators to customize the restriction for startable services by type. The fix is secure by default and allows users to invoke only AJAX and HUMAN services by using the REST API. If you have custom client applications that rely on the REST API call and expose service types other than Ajax or human services, you need to add the following configuration information: A configuration property is introduced to specify the whitelist of startable services. In the 100Custom.xml file, add the startservice-valid-services stanza to list one or more valid-service-entry elements: <server> <portal merge="mergeChildren"> <startservice-valid-services> <valid-service-entry>Ajax Service </valid-service-entry> <valid-service-entry>Human Service </valid-service-entry> <valid-service-entry>General System Service </valid-service-entry> </startservice-valid-services> </portal> </server> The following values are possible for valid-service-entry: - all - none - Regular Service - Rule Service - Ajax Service - Human Service - Integration Service - Installation Service - General System Service - SCA Service - Case Manager Integration Service - Undercover Agent Passthrough Service If either the special keyword "all" or "none" is encountered in the list, all other entries are ignored. For more information, see "Modifying runtime server configuration properties" (http://www.ibm.com/support/knowledgecenter/SSFPJS_8.5.5/com.ibm .wbpm.admin.doc/topics/cadm_modconfigprops.html) and "The 99Local.xml and 100Custom.xml configuration files" (http://www.ibm.com/support/knowledgecenter/SSFPJS_8.5.5/com.ibm .wbpm.admin.doc/topics/managing_twks_config_settings.html). Use this flag only temporarily and convert the existing applications to use properly secured human or Ajax services as a facade. On Fix Central (http://www.ibm.com/support/fixcentral), search for JR52574: 1. Select IBM Business Process Manager with your edition from the product selector, the installed version to the fix pack level, and your platform, and then click Continue. 2. Select APAR or SPR, enter JR52574, and click Continue. When you download fix packages, ensure that you also download the readme file for each fix. Review each readme file for additional installation instructions and information about the fix.
Reported component name
Reported component ID
NoSpecatt / Xsystem
Last modified date
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fixed component name
Fixed component ID
Applicable component levels