IBM Support

PI46748: Enabling security through adminSecurity-1.0 may cause Servlets t o not configure completely

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Security configuration for Servlets is enabled through
    several possible features in the server.xml. When
    adminSecurity-1.0 is enabled, it is possible that Servlets
    will not receive complete security configuration, causing
    more restrictive configuration than is configured.
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  All users of IBM WebSphere Application      *
    *                  Server Liberty Profile - Security           *
    ****************************************************************
    * PROBLEM DESCRIPTION: Enabling security through adminSecurity-*
    *                      1.0 may cause Servlets to not configure *
    *                      completely                              *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    Security configuration for Servlets is enabled through several
    possible features in the server.xml. When adminSecurity-1.0 is
    enabled, it is possible that Servlets will not receive complete
    security configuration, causing more restrictive configuration
    than is configured.
    

Problem conclusion

  • The adminSecurity-1.0 configuration of Servlet security has been
    changed to ensure the configuration steps are followed.
    
    The fix for this APAR is currently targeted for inclusion in fix
    pack 8.5.5.7.  Please refer to the Recommended Updates page for
    delivery information:
    http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
    

Temporary fix

Comments

APAR Information

  • APAR number

    PI46748

  • Reported component name

    WAS LIBERTY COR

  • Reported component ID

    5725L2900

  • Reported release

    855

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2015-08-12

  • Closed date

    2015-08-19

  • Last modified date

    2015-08-19

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WAS LIBERTY COR

  • Fixed component ID

    5725L2900

Applicable component levels

  • R855 PSY

       UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSD28V","label":"WebSphere Application Server Liberty Core"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"855","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
11 January 2022