JR55010: WEB SERVICE INTEGRATION INVOKE FAILED WITH HTTP STATUS CODE 401

Version 8.5 Refresh Pack 7 for the IBM Business Process Manager products

APAR status

• Closed as fixed if next.

Error description

• After you upgrade to IBM Business Process Manager (BPM)
  V8.5.6.0 cumulative fix 1 or cumulative fix 2, when you use
  web service integration to invoke a target web service server,
   the WSDL is protected, and you haven't set basic
  authentication for the web service integration, the invocation
  might failed with HTTP status code 401.
  

Local fix

• Set the Security field with "Use Basic Authentication". In WS
  Security tab. Select "HTTP Authentication" as Authencation
  method and provide correct username and password.
  

Problem summary

• ****************************************************************
  * USERS AFFECTED:  IBM BPM Advanced                            *
  *                  IBM BPM Standard                            *
  *                  IBM BPM Express                             *
  ****************************************************************
  * PROBLEM DESCRIPTION: After you upgrade to IBM Business       *
  *                      Process Manager (BPM) V8.5.6.0          *
  *                      cumulative fix 1 or cumulative fix 2,   *
  *                      when you use web service integration    *
  *                      to invoke a target web service          *
  *                      server,  the WSDL is protected, and     *
  *                      you haven't set basic authentication    *
  *                      for the web service integration, the    *
  *                      invocation might failed with HTTP       *
  *                      status code 401.                        *
  ****************************************************************
  * RECOMMENDATION:                                              *
  ****************************************************************
  The Protected WSDL check box shows that the WSDL is protected
  only by the basic authentication instead of the web service
  provider. In IBM BPM V8.5.6.0 cumulative fix 1 and cumulative
  fix 2 we corrected this behavior. With these cumulative fixes
  applied, protected WSDL controls only the WSDL authentication.
  The web service provider protection is controlled by security
  configuration from the Security tab.
  However, if you haven óÔé¼Ôäót set this configuration after upgr
  to these cumulative fixes, you can change this behavior in the
  appropriate 100Custom.xml to your topology:
  <common merge="mergeChildren">
  <webservices merge="mergeChildren">
  <use-protect-wsdl-auth-in-webservice
  merge="replace">true</use-protect-wsdl-auth-in-webservice>
  </webservices>
  </common>
  With this changed configuration, the default value will be set
  to true.
  

Problem conclusion

Temporary fix

• The code fix that enables the security configuration option to
  be added in the 100Custom.xml file will be included in a
  future release of IBM BPM.
  

Comments

APAR Information

• APAR is sysrouted FROM one or more of the following:

• APAR is sysrouted TO one or more of the following:

Fix information

Applicable component levels

• R800 PSY

     UP