IBM Support

PI56466: Access to UserTransaction methods is not correctly disabled with in nested @Transactional annotations

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • When inside code annotated with an @Transactional
    annotation, access to methods on UserTransaction is defined
    to be disabled. This does not work correctly on WebSphere
    Application Server Liberty Profile: if a user calls code
    annotated with an @Transactional annotation while already
    within an @Transactional transaction, access to
    UserTransaction is possible when the inner call returns.
    For example, consider the pseudo-code below:
    
    @Transactional(TxType.REQUIRES) {
        ..do some work
        @Transactional(TxType.REQUIRES_NEW) {
            ..do some work
        }
        UserTransaction.commit();
    }
    
    In this example, the 'commit' call should cause an
    IllegalStateException, but it doesn't: access to
    UserTransaction is unconditionally re-enabled at the
    boundaries of @Transactional-annotated code.
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  Users of @Transactional annotations in      *
    *                  WebSphere Application Server Liberty        *
    *                  versions 8.5.5.6 upwards                    *
    ****************************************************************
    * PROBLEM DESCRIPTION: Access to UserTransaction methods is    *
    *                      not correctly disabled within nested    *
    *                      @Transactional annotations              *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    When inside code annotated with an @Transactional annotation,
    access to methods on UserTransaction is defined to be disabled.
    This does not work correctly on WebSphere Application Server
    Liberty Profile: if a user calls code annotated with an
    @Transactional annotation while already within an @Transactional
    transaction, access to UserTransaction is possible when the
    inner call returns.  For example, consider the pseudo-code
    below:
    
    @Transactional(TxType.REQUIRES) {
        ..do some work
        @Transactional(TxType.REQUIRES_NEW) {
            ..do some work
        }
        UserTransaction.commit();
    }
    
    In this example, the 'commit' call should cause an
    IllegalStateException, but it doesn't: access to UserTransaction
    is unconditionally re-enabled at the boundaries of
    @Transactional-annotated code.
    

Problem conclusion

  • The code was altered to correctly manage access to
    UserTransaction methods. There is a small possibility that this
    fix will break existing code: if existing code attempts to
    illegally access UserTransaction methods, it will no longer be
    able to, and will instead receive an IllegalStateException
    error.
    
    The fix for this APAR is currently targeted for inclusion in fix
    pack 8.5.5.9.  Please refer to the Recommended Updates page for
    delivery information:
    http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
    

Temporary fix

Comments

APAR Information

  • APAR number

    PI56466

  • Reported component name

    WAS LIBERTY COR

  • Reported component ID

    5725L2900

  • Reported release

    855

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2016-02-02

  • Closed date

    2016-02-03

  • Last modified date

    2016-02-03

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WAS LIBERTY COR

  • Fixed component ID

    5725L2900

Applicable component levels

  • R855 PSY

       UP

[{"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Product":{"code":"SSD28V","label":"WebSphere Application Server Liberty Core"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"855","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Document Information

Modified date:
16 October 2021