APAR status
-
Closed as program error.
Error description
-
Web Server Plug-ins for IBM WebSphere Application Server (IHS) introduced three new properties, configurable via generated plugin-cfg.xml, in APAR PH48747. Config element attribute HostVerificationStartupCheck. Config element attribute SecureHostVerification. Config child Property element: GlobalHostAlias These new properties cannot be configured when using the On Demand Router plugin-cfg.xml generation function or the Intelligent Management High Availability plugin-cfg.xml generation service.
Local fix
-
N/A
Problem summary
-
**************************************************************** * USERS AFFECTED: All users of Web Server Plug-ins for IBM * * WebSphere Application Server using On * * Demand * * Router plugin-cfg.xml generation or the * * High * * Availability plugin-cfg.xml generation * * service. * **************************************************************** * PROBLEM DESCRIPTION: IHS plugin-cfg.xml properties added in * * PH48747 (CVE-2022-39161) cannot be * * configured for ODC generated plugin- * * cfg.xml files. * **************************************************************** * RECOMMENDATION: * **************************************************************** Web Server Plug-ins for IBM WebSphere Application Server (IHS) introduced three new properties, configurable via generated plugin-cfg.xml, in APAR PH48747. Config element attribute HostVerificationStartupCheck. Config element attribute SecureHostVerification. Config child Property element: GlobalHostAlias. These new properties cannot be configured when using On Demand Configuration (ODC) based plugin-cfg.xml generation. ODC based plugin-cfg.xml generation are those generated by the On Demand Router (ODR) plugin-cfg.xml generation function and the Intelligent Management High Availability plugin-cfg.xml generation service.
Problem conclusion
-
The On Demand Router (ODR) plugin-cfg.xml generation function and the Intelligent Management High Availability plugin-cfg.xml generation service were updated to allow the new plugin-cfg.xml properties (HostVerificationStartupCheck, SecureHostVerification, GlobalHostAlias) to be configurable and included in the generated plugin-cfg.xml files. The properties for the ODR plugin-cfg.xml generation are defined by JVM custom properties on the ODR process. Servers > Server Types > On Demand Routers > [odrName] > Java and Process Management > Process definition > Java Virtual Machine > Custom properties Config element attribute HostVerificationStartupCheck. JVM property name: com.ibm.ws.odr.plugincfg.config.HostVerificationStartupCheck Config element attribute SecureHostVerification. JVM property name: com.ibm.ws.odr.plugincfg.config.SecureHostVerification Config child Property element: GlobalHostAlias. JVM property name: com.ibm.ws.odr.plugincfg.property.GlobalHostAlias NOTE: Value of com.ibm.ws.odr.plugincfg.property.GlobalHostAlias is a comma-separated list (NO SPACES) of hostnames and/or IP addresses. The properties for the Intelligent Management High Availability plugin-cfg.xml generation are defined by values carried in the ODCPluginCfgIHSConfigProperties_<definitionID> cell custom property. System Administration > Cell > Custom Properties NOTE: The value of ODCPluginCfgIHSConfigProperties_<definitionID> is a comma separated list of ATTRIBUTE_NAME=value pairs where ATTRIBUTE_NAME is the name of an attribute or property element represented in the plugin-cfg.xml. Config element attribute HostVerificationStartupCheck. ODCPluginCfgIHSConfigProperties_<definitionID> ATTRIBUTE_NAME: HostVerificationStartupCheck Config element attribute SecureHostVerification. ODCPluginCfgIHSConfigProperties_<definitionID> ATTRIBUTE_NAME: SecureHostVerification Config child Property element: GlobalHostAlias. ODCPluginCfgIHSConfigProperties_<definitionID> ATTRIBUTE_NAME: GlobalHostAlias NOTE: The value of ATTRIBUTE_NAME: GlobalHostAlias is a comma-separated list (NO SPACES) of separated list of hostnames and/or IP addresses. Below is an example of cell custom property ODCPluginCfgIHSConfigProperties_<definitionID> used to set all three properties. Cell property name: ODCPluginCfgIHSConfigProperties_1 Cell property ODCPluginCfgIHSConfigProperties_1 value: HostVerificationStartupCheck=false,SecureHostVerification=false, GlobalHostAlias=host1.ibm.com,127.0.0.1,0:0:0:0:0:0:0:1,::1 The fix for this APAR is targeted for inclusion in fix pack 8.5.5.24 and 9.0.5.17. For more information, see 'Recommended Updates for WebSphere Application Server': https://www.ibm.com/support/pages/node/715553
Temporary fix
Comments
APAR Information
-
APAR number
PH55600
-
Reported component name
WEBS APP SERV N
-
Reported component ID
5724H8800
-
Reported release
850
-
Status
CLOSED PER
-
PE
NoPE
-
HIPER
NoHIPER
-
Special Attention
NoSpecatt / Xsystem
-
Submitted date
2023-07-06
-
Closed date
2024-01-16
-
Last modified date
2024-01-16
-
APAR is sysrouted FROM one or more of the following:
-
APAR is sysrouted TO one or more of the following:
Fix information
-
Fixed component name
WEBS APP SERV N
-
Fixed component ID
5724H8800
Applicable component levels
[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"8.5","Line of Business":{"code":"LOB77","label":"Automation Platform"}}]
Document Information
Modified date:
03 March 2025