APAR status
Closed as program error.
Error description
A client connection channel (CLNTCONN) has been defined on a queue manager which has: - The security exit name (SCYEXIT) attribute set to the name of a security exit. - And the security exit user data (SCYDATA) attribute set to a string. An MQ classes for Java application uses the CLNTCONN definition in the queue manager's client channel definition table (CCDT) when creating an MQQueueManager object. When the application is run using the IBM MQ 9.1 (or earlier) classes for Java, the string specified in the SCYDATA attribute within the CLNTCONN definition is passed to the security exit as expected and the MQQueueManager object is successfully created. However, when the application is run using the IBM MQ 9.2 classes for Java, the string passed to the security exit contains 32 spaces rather than the data in the SCYDATA attribute. As a result, the security exit does not work as expected.
Local fix
Problem summary
**************************************************************** USERS AFFECTED: This issue affects users of the IBM MQ classes for Java who have applications that create MQQueueManager objects using an entry in a client channel definition table (CCDT), where the entry has the security exit user data (SCYDATA) attribute set. Platforms affected: MultiPlatform **************************************************************** PROBLEM DESCRIPTION: In MQ 9.2, the Java Message Queueing Interface (JMQI - the component used by the IBM MQ classes for Java and classes for JMS to communicate with a queue manager) was updated to store security exit user data in a 32 character string. If the security exit user data was less than 32 characters in length, the JMQI would pad it out with spaces before passing it to the exit. Due to the way that this logic was implemented - If an MQ classes for Java application tried to create an MQQueueManager object for a queue manager using an entry in a client channel definition table (CCDT) - And the entry had the security exit user data (SCYDATA) attribute set to a string. then the JMQI would incorrectly overwrite the security data set in the SCYDATA attribute with 32 spaces. As a result, the security exit would be called with user data containing 32 spaces, rather than the expected string.
Problem conclusion
To resolve this issue, the JMQI has been updated to ensure that: - If an MQ classes for Java application creates an MQQueueManager object for a queue manager using an entry in a client channel definition table (CCDT) - And the entry has the security exit user data (SCYDATA) attribute set to a string. then the value of the attribute is correctly passed to the security exit. --------------------------------------------------------------- The fix is targeted for delivery in the following PTFs: Version Maintenance Level v9.2 LTS 9.2.0.7 v9.3 LTS 9.3.0.1 v9.x CD 9.3.1 The latest available maintenance can be obtained from 'WebSphere MQ Recommended Fixes' http://www-1.ibm.com/support/docview.wss?rs=171&uid=swg27006037 If the maintenance level is not yet available information on its planned availability can be found in 'WebSphere MQ Planned Maintenance Release Dates' http://www-1.ibm.com/support/docview.wss?rs=171&uid=swg27006309 ---------------------------------------------------------------
Temporary fix
Comments
APAR Information
APAR number
IT40502
Reported component name
MQ BASE V9.2
Reported component ID
5724H7281
Reported release
920
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2022-04-04
Closed date
2022-05-12
Last modified date
2022-09-08
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
MQ BASE V9.2
Fixed component ID
5724H7281
Applicable component levels
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSYHRD","label":"IBM MQ"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"920","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
08 September 2022