Fixes are available
8.0.0.7: WebSphere Application Server V8.0 Fix Pack 7
8.5.5.1: WebSphere Application Server V8.5.5 Fix Pack 1
8.0.0.8: WebSphere Application Server V8.0 Fix Pack 8
8.5.5.2: WebSphere Application Server V8.5.5 Fix Pack 2
8.0.0.9: WebSphere Application Server V8.0 Fix Pack 9
8.5.5.3: WebSphere Application Server V8.5.5 Fix Pack 3
8.5.5.4: WebSphere Application Server V8.5.5 Fix Pack 4
8.0.0.10: WebSphere Application Server V8.0 Fix Pack 10
8.5.5.5: WebSphere Application Server V8.5.5 Fix Pack 5
8.5.5.6: WebSphere Application Server V8.5.5 Fix Pack 6
8.0.0.11: WebSphere Application Server V8.0 Fix Pack 11
8.5.5.7: WebSphere Application Server V8.5.5 Fix Pack 7
8.5.5.8: WebSphere Application Server V8.5.5 Fix Pack 8
8.0.0.12: WebSphere Application Server V8.0 Fix Pack 12
8.5.5.9: WebSphere Application Server V8.5.5 Fix Pack 9
8.5.5.10: WebSphere Application Server V8.5.5 Fix Pack 10
8.5.5.11: WebSphere Application Server V8.5.5 Fix Pack 11
8.0.0.13: WebSphere Application Server V8.0 Fix Pack 13
8.5.5.12: WebSphere Application Server V8.5.5 Fix Pack 12
8.0.0.14: WebSphere Application Server V8.0 Fix Pack 14
8.5.5.13: WebSphere Application Server V8.5.5 Fix Pack 13
8.0.0.15: WebSphere Application Server V8.0 Fix Pack 15
8.5.5.14: WebSphere Application Server V8.5.5 Fix Pack 14
8.5.5.15: WebSphere Application Server V8.5.5 Fix Pack 15
8.5.5.14: WebSphere Application Server V8.5.5 Fix Pack 14
APAR status
Closed as program error.
Error description
Following error is displayed when running EJB 3.1 application that uses method interface "MessageEndpoint". This error also happens for EJB application that uses interface "Timer" Log message: [10/22/12 16:51:48:986 CEST] 0000001a SecurityColla A SECJ0053E: Authorization failed for /UNAUTHENTICATED while invoking (Bean)MDB-1.0#mdb-sample.jar#SimpleMessageListener onMessage:javax.jms. Message:7 Invalid method interface: MessageEndpoint
Local fix
They will accept my bug report and get the changes in. WebSphere should take an apar to add the interface on our own
Problem summary
**************************************************************** * USERS AFFECTED: All users of IBM WebSphere Application * * Server v8.0 and above who run EJB 3.1 * * application * **************************************************************** * PROBLEM DESCRIPTION: Although WebSphere Application Server * * v8.0 supports EJB 3.1," Invalid * * method interface: MessageEndpoint" * * error is thrown * **************************************************************** * RECOMMENDATION: * **************************************************************** Application Server checks if invoking EJB method is implementing appropriate interface. This check is performed in class EJBMethodPermission, where the interface is compared with a list of allowed interfaces. The list contains 5 interfaces (Home,LocalHome,Remote,Local,ServiceEndpoint) as EJB 3.0 spec says and is hardcoded in EJBMethodPermission, although EJB 3.1 spec defines 7 elements (Home, Remote, LocalHome, Local, ServiceEndpoint, Timer, MessageEndpoint). When application is deployed in Application Server, EJB 3.1 beans are compared with a list of EJB 3.0 interfaces.
Problem conclusion
WebSphere Application Server uses EJBMethodPermission class from Apache Geronimo project. Following bug report was opened and fixed. https://issues.apache.org/jira/browse/GERONIMO-6435 Also, Application Server is updated to check following Java property: org.apache.security.jacc.EJBMethodPermission.methodInterfaces to extend interface list with "MessageEndpoint" and "Timer" that are newly supported in EJB 3.1. The fix for this APAR is currently targeted for inclusion in fix pack 8.0.0.7, 8.5.5.1. Please refer to the Recommended Updates page for delivery information: http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
Temporary fix
As a workaround, application code can also use the property : org.apache.security.jacc.EJBMethodPermission.methodInterfaces and set it to "Timer,MessageEndpoint" to extend the interface list.
Comments
APAR Information
APAR number
PM84610
Reported component name
WEBS APP SERV N
Reported component ID
5724H8800
Reported release
800
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2013-03-12
Closed date
2013-04-29
Last modified date
2013-04-29
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WEBS APP SERV N
Fixed component ID
5724H8800
Applicable component levels
R800 PSY
UP
R850 PSY
UP
Document Information
Modified date:
11 January 2022