PM42227: JAVA 2 SECURITY EXCEPTION IN JAXWS WEBSERVICES APPLICATIONS

Fixes are available

APAR status

Closed as program error.

Error description

Customers might see a Java 2 security exception logged when
running their JAXWS WebsServices applications with Java 2
security.

Permission:

getClassLoader : Access denied
(java.lang.RuntimePermission getClassLoader)


Code:

scopedrefs.generatedclients.app1.mod1.b1.B1Service  in
{file:/CockroachServer/test/WAS/AppServer/profiles/node1/install
edApps/ndcell/scopedrefsapp1.ear/scopedrefsapp1mod1.jar}



Stack Trace:

java.security.AccessControlException: Access denied
(java.lang.RuntimePermission getClassLoader)
at
java.security.AccessController.checkPermission(AccessController.
java:108)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:5
44)
at
com.ibm.ws.security.core.SecurityManager.checkPermission(Securit
yManager.java:212)
at java.lang.Class.forName(Class.java:162)
at
org.apache.ws.commons.schema.utils.NodeNamespaceContext.<clinit>
(NodeNamespaceContext.java:44)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:205)
at
org.apache.ws.commons.schema.SchemaBuilder.handleXmlSchemaElemen
t(SchemaBuilder.java:133)
at
org.apache.ws.commons.schema.XmlSchemaCollection.read(XmlSchemaC
ollection.java:481)
at
org.apache.axis2.description.WSDLToAxisServiceBuilder.getXMLSche
ma(WSDLToAxisServiceBuilder.java:144)
at
org.apache.axis2.description.WSDL11ToAxisServiceBuilder.copyExte
nsibleElements(WSDL11ToAxisServiceBuilder.java:2442)
at
org.apache.axis2.description.WSDL11ToAxisServiceBuilder.processT
ypes(WSDL11ToAxisServiceBuilder.java:420)
at
org.apache.axis2.description.WSDL11ToAxisServiceBuilder.processT
ypes(WSDL11ToAxisServiceBuilder.java:409)
at
org.apache.axis2.description.WSDL11ToAxisServiceBuilder.populate
Service(WSDL11ToAxisServiceBuilder.java:349)
at
org.apache.axis2.jaxws.description.impl.EndpointDescriptionImpl.
buildAxisServiceFromWSDL(EndpointDescriptionImpl.java:975)
at
org.apache.axis2.jaxws.description.impl.EndpointDescriptionImpl.
setupAxisService(EndpointDescriptionImpl.java:774)
at
org.apache.axis2.jaxws.description.impl.EndpointDescriptionImpl.
<init>(EndpointDescriptionImpl.java:275)
at
org.apache.axis2.jaxws.description.impl.EndpointDescriptionImpl.
<init>(EndpointDescriptionImpl.java:223)
at
org.apache.axis2.jaxws.description.impl.ServiceDescriptionImpl.u
pdateEndpointDescription(ServiceDescriptionImpl.java:526)
at
org.apache.axis2.jaxws.description.impl.DescriptionFactoryImpl.u
pdateEndpoint(DescriptionFactoryImpl.java:364)
at
org.apache.axis2.jaxws.description.DescriptionFactory.updateEndp
oint(DescriptionFactory.java:180)
at
org.apache.axis2.jaxws.spi.ServiceDelegate.getPort(ServiceDelega
te.java:591)
at
org.apache.axis2.jaxws.spi.ServiceDelegate.getPort(ServiceDelega
te.java:514)
at javax.xml.ws.Service.getPort(Service.java:99)
at
scopedrefs.generatedclients.app1.mod1.b1.B1Service.getB1Port(B1S
ervice.java:72)
at
scopedrefs.server.app1.mod1.B2.invokeapp1ModxEjb1(B2.java:32)

Local fix

Problem summary

****************************************************************
* USERS AFFECTED:  Users of IBM WebSphere Application          *
*                  Server with JAX-WS web services and with    *
*                  Java2 security enabled                      *
****************************************************************
* PROBLEM DESCRIPTION: During JAX-WS service invocation,       *
*                      a Java2 security exception might be     *
*                      logged.                                 *
****************************************************************
* RECOMMENDATION:  Install a fix pack containing this APAR.    *
****************************************************************
When Java2 security is enabled, An internal call to
getClassloader() could fail with a Java2 security exception.
As a result, the exception is logged and the service invocation
might fail.

Problem conclusion

The runtime code is modified so the error condition no longer
occurs.

The fix for this APAR is currently targeted for inclusion in
fix pack 8.0.0.1  Please refer to the Recommended Updates
page for delivery information:
http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980

Temporary fix

Comments

APAR Information

APAR number
PM42227
Reported component name
WEBSPHERE APP S
Reported component ID
5724J0800
Reported release
800
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2011-06-22
Closed date
2011-07-07
Last modified date
2011-07-14

APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:

Fix information

Fixed component name
WEBSPHERE APP S
Fixed component ID
5724J0800

Applicable component levels

R800 PSY
UP

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"8.0","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
27 October 2021

Tips

PM42227: JAVA 2 SECURITY EXCEPTION IN JAXWS WEBSERVICES APPLICATIONS

Fixes are available

Subscribe

APAR status

Closed as program error.

Error description

Local fix

Problem summary

Problem conclusion

Temporary fix

Comments

APAR Information

APAR number

Reported component name

Reported component ID

Reported release

Status

PE

HIPER

Special Attention

Submitted date

Closed date

Last modified date

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Fix information

Fixed component name

Fixed component ID

Applicable component levels

R800 PSY

Document Information

Share your feedback

Need support?