Fixes are available
APAR status
Closed as program error.
Error description
when security is used and under WS Security drop down menu for Authentication if UsernameToken is used, basic auth info is also sent in the request using the user and pwd speified for usernameToken. The basic auth info should be sent only when HTTP Authentication is selected in the WS Security drop down menu.
Local fix
n/a
Problem summary
**************************************************************** * USERS AFFECTED: Webservice with security authentication * * enabled. * **************************************************************** * PROBLEM DESCRIPTION: When using UsernameToken * * authentication method with * * Webservice requests. * **************************************************************** * RECOMMENDATION: * **************************************************************** When enabling security in webservices with the JAX-WS engine enabled (v7.5.1.1 is not enabled by default. v8.0.0.0 and above is enabled by default.), if the authentication method UsernameToken is selected, the Basic Authentication header is still appended to the request. This causes issues when the receiving service is not expecting a Basic Auth type request. An HTTP 401 unauthorized error may be returned.
Problem conclusion
Code changes have been made to properly use the correct authentication method in the webservices requests. An interim fix will be available on v7.5.1.1. It will also be available in the next fix pack.
Temporary fix
Comments
APAR Information
APAR number
JR45792
Reported component name
BPM STANDARD
Reported component ID
5725C9500
Reported release
751
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2013-02-21
Closed date
2013-04-26
Last modified date
2013-04-26
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
BPM STANDARD
Fixed component ID
5725C9500
Applicable component levels
R750 PSY
UP
R800 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSFTDH","label":"IBM Business Process Manager Standard"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.5.1","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
08 January 2022