PK85861: CAN NOT EMIT EVENT BECAUSE OF JAVA2 SECURITY ISSUE.

Fixes are available

APAR status

Closed as program error.

Error description

When expanded (using EARExpander tool) the topic connection
factory cannot be looked-up because of access denied on the
system properties.
Expanding the EAR is needed because of some syncNode problems
on iSeries.

Local fix

Problem summary

****************************************************************
* USERS AFFECTED:  IBM WebSphere Application Server V6.1 and   *
*                  V7.0 Common Event Infrastructure (CEI)      *
*                  users on i5/OS who are forced to expand the *
*                  EventService Enterprise Archive file (EAR). *
*                  This can happen because of the syncNode     *
*                  command sometimes failing on this           *
*                  operating system.                           *
****************************************************************
* PROBLEM DESCRIPTION: If CEI's EventService EAR is            *
*                      expanded, CEI will no longer work       *
*                      because of  a Java 2 security issue.    *
*                      It lacks permission to read system      *
*                      properties.                             *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
Because the EventService EAR is expanded and the lack of read
permissions on the system properties in this case, CEI is
failing when it is trying to get a TopicConnectionFactoryfrom
the JNDI. This happens because of:
com.ibm.websphere.naming.CannotInstantiateObjectException.
Exception occurred while the JNDI NamingManager was processing
a javax.naming.Reference object. [Root exception is
java.security.AccessControlException: access denied
(java.util.PropertyPermission enableInuseConnectionDestroy
read) which can't be done because of:
java.security.AccessControlException: access denied
(java.util.PropertyPermission enableInuseConnectionDestroy
read).
The full stack is:
[4/10/09 16:47:05:068 CST] 00000030 EventGroup    1
com.ibm.events.distribution.impl.EventGroup addDestination
EventDistributionException received when adding destination
with JNDI name jms/cei/notification/AllEventsTopic to event
group All events
com.ibm.events.distribution.EventDistributionException:
CEIES0003W The event server failed to initialize a JMS
destination for an event group because the specified JMS
destination could not be found in JNDI.
Event group name: All events
JMS connection factory JNDI name:
jms/cei/notification/AllEventsTopicConnectionFactory
JMS destination JNDI name: jms/cei/notification/AllEventsTopic
Context: Dmgr01Network/clusters/PE_ND7.Support  : Exception
occurred while the JNDI NamingManager was processing a
javax.naming.Reference object.
at java.lang.Exception.<init>(Exception.java:77)
at com.ibm.events.EventsException.
<init>(EventsException.java:191)
at com.ibm.events.distribution.EventDistributionException.
<init>(EventDistributionException.java:73)
at com.ibm.events.distribution.impl.EventGroupTopicPublisher.
<init> (EventGroupTopicPublisher.java:341)
at
com.ibm.events.distribution.impl.EventGroup.addDestination(Event
Group.java:838)
at
com.ibm.events.distribution.impl.EventGroup.<init>(EventGroup.ja
va:323)
at
com.ibm.events.distribution.impl.EventClassifier.<init>(EventCla
ssifier.java:97)
at
com.ibm.events.distribution.impl.EventDistribution.<init>(EventD
istribution.java:145)
at
com.ibm.events.bus.impl.EventBusEjb.ejbCreate(EventBusEjb.java:6
15)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessor
Impl.java:39)
[...]
Caused by:
com.ibm.websphere.naming.CannotInstantiateObjectException:
Exception occurred while the JNDI NamingManager was processing
a javax.naming.Reference object. [Root exception is
java.security.AccessControlException: access denied
(java.util.PropertyPermission enableInuseConnectionDestroy
read)]
at java.lang.Throwable.<init>(Throwable.java:196)
at java.lang.Exception.<init>(Exception.java:41)
at javax.naming.NamingException.<init>(NamingException.java:109)
at
com.ibm.websphere.naming.WebSphereNamingException.<init>(WebSphe
reNamingException.java:49)
at
com.ibm.websphere.naming.CannotInstantiateObjectException.<init>
(CannotInstantiateObjectException.java:95)
at
com.ibm.ws.naming.util.Helpers.processSerializedObjectForLookupE
xt(Helpers.java:1000)
[...]
at
com.ibm.ws.naming.jndicos.CNContextImpl.lookup(CNContextImpl.jav
a:1358)
at com.ibm.ws.naming.util.WsnInitCtx.lookup(WsnInitCtx.java:172)
at javax.naming.InitialContext.lookup(InitialContext.java:351)
at
com.ibm.events.distribution.impl.EventGroupTopicPublisher.getCac
hedTopicConnectionFactory(EventGroupTopicPublisher.java:141)
at
com.ibm.events.distribution.impl.EventGroupTopicPublisher.<init>
(EventGroupTopicPublisher.java:206)
... 29 more
Caused by: java.security.AccessControlException: access denied
(java.util.PropertyPermission enableInuseConnectionDestroy read)
at java.lang.Throwable.<init>(Throwable.java:196)
at java.lang.Exception.<init>(Exception.java:41)
at java.lang.RuntimeException.<init>(RuntimeException.java:43)
at
java.security.AccessControlException.<init>(AccessControlExcepti
on.java:52)
at
java.security.AccessControlContext.checkPermission(AccessControl
Context.java:264)
at
java.security.AccessController.checkPermission(AccessController.
java:427)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:5
32)
at
com.ibm.ws.security.core.SecurityManager.checkPermission(Securit
yManager.java:198)
at
java.lang.SecurityManager.checkPropertyAccess(SecurityManager.ja
va:1285)
at java.lang.System.getProperty(System.java:653)
[..]

Problem conclusion

Added "read" java.util.PropertyPermission permission on all
properties in the was.policy file form the CEI
EventService.ear EAR.

The fix for this APAR is currently targeted for inclusion in
fix packs 6.1.0.27 and 7.0.0.5.  Please refer to the
Recommended Updates page for delivery information:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980

Temporary fix

Comments

APAR Information

APAR number
PK85861
Reported component name
WEBSPHERE APP S
Reported component ID
5724J0800
Reported release
61A
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2009-05-04
Closed date
2009-05-15
Last modified date
2009-05-15

APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:

Fix information

Fixed component name
WEBSPHERE APP S
Fixed component ID
5724J0800

Applicable component levels

R61I PSY
UP
R700 PSY
UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"6.1","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
28 December 2021

Tips

PK85861: CAN NOT EMIT EVENT BECAUSE OF JAVA2 SECURITY ISSUE.

Fixes are available

Subscribe

APAR status

Closed as program error.

Error description

Local fix

Problem summary

Problem conclusion

Temporary fix

Comments

APAR Information

APAR number

Reported component name

Reported component ID

Reported release

Status

PE

HIPER

Special Attention

Submitted date

Closed date

Last modified date

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Fix information

Fixed component name

Fixed component ID

Applicable component levels

R61I PSY

R700 PSY

Document Information

Share your feedback

Need support?