Fixes are available
8.5.5.9: WebSphere Application Server V8.5.5 Fix Pack 9
8.5.5.10: WebSphere Application Server V8.5.5 Fix Pack 10
8.5.5.11: WebSphere Application Server V8.5.5 Fix Pack 11
8.5.5.12: WebSphere Application Server V8.5.5 Fix Pack 12
8.5.5.13: WebSphere Application Server V8.5.5 Fix Pack 13
8.5.5.14: WebSphere Application Server V8.5.5 Fix Pack 14
8.5.5.15: WebSphere Application Server V8.5.5 Fix Pack 15
8.5.5.17: WebSphere Application Server V8.5.5 Fix Pack 17
8.5.5.20: WebSphere Application Server V8.5.5.20
8.5.5.18: WebSphere Application Server V8.5.5 Fix Pack 18
8.5.5.19: WebSphere Application Server V8.5.5 Fix Pack 19
8.5.5.16: WebSphere Application Server V8.5.5 Fix Pack 16
APAR status
Closed as program error.
Error description
Classes loaded using Liberty profile's classloader, which includes classes packaged in Java EE modules, shared libraries, and so on., use a ProtectionDomain that provides an incorrect response for it's code source location. Some applications and third-party libraries depend on that location being accurate so that it can load additional resources from it's own archive independent of the application server classloading or resource loading mechanisms. When the code source location is incorrect, these applications or libraries fail to function correctly. The location returned by this method call will be based on the classloader - for example, the classloader for a web module will return the WAR's location, but not necessarily a JAR that is embedded in that WAR.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: All users of IBM WebSphere Application * * Server Liberty Profile * **************************************************************** * PROBLEM DESCRIPTION: Application classes will provide * * incorrect values when calling * * getProtectionDomain().getCodeSource().g * * etLocation() * **************************************************************** * RECOMMENDATION: * **************************************************************** Classes loaded using Liberty profile's classloader, which includes classes packaged in Java EE modules, shared libraries, and so on., use a ProtectionDomain that provides an incorrect response for it's code source location. Some applications and third-party libraries depend on that location being accurate so that it can load additional resources from it's own archive independent of the application server classloading or resource loading mechanisms. When the code source location is incorrect, these applications or libraries fail to function correctly. The location returned by this method call will be based on the classloader - for example, the classloader for a web module will return the WAR's location, but not necessarily a JAR that is embedded in that WAR.
Problem conclusion
The fix for this APAR is provide the correct location for each classpath entry used in the classloader. The fix for this APAR is currently targeted for inclusion in fix pack 8.5.5.9. Please refer to the Recommended Updates page for delivery information: http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
Temporary fix
Comments
APAR Information
APAR number
PI52936
Reported component name
WAS LIBERTY COR
Reported component ID
5725L2900
Reported release
855
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2015-11-20
Closed date
2015-11-24
Last modified date
2015-11-24
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WAS LIBERTY COR
Fixed component ID
5725L2900
Applicable component levels
R855 PSY
UP
Document Information
Modified date:
11 January 2022