IBM Support

PI82306: FEDERATED REPOSITORIES USES WRONG SECURITY DOMAIN

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Federated Repositories Uses Wrong Security Domain
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  IBM WebSphere Application Server users of   *
    *                  federated repositories                      *
    ****************************************************************
    * PROBLEM DESCRIPTION: Federated Repositories Uses Wrong       *
    *                      Security Domain                         *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    There are certain administrative commands (from either
    WSADMIN or the administrative console) that will initialize
    a user registry in Federated Repositories and set a
    threadlocal containing the security domain name to use which
    allows the command to be run on a separate security domain
    than the request being made.
    Some of these commands do not clear the threadlocal on
    completion and the next request to use the same thread would
    now read the threadlocal that had not been cleared. Eventually
    a request could be received on the problematic thread that
    didn't match the threadlocal domain name and errors would
    ensue.
    These errors may vary, but typically they were like the
    following:
    com.ibm.websphere.wim.exception.InvalidArgumentException:
    CWWIM0500E The 'defaultWIMFileBasedRealm' realm name specified
    is not valid.
    The typical scenario when seeing the above error is that the
    'defaultWIMFileBasedRealm' realm exists in the admin domain,
    but not in the application domain that the request is intended
    to run in.
    

Problem conclusion

  • Updated the code to clear the threadlocal that had been set
    from a previous request.
    
    The fix for this APAR is currently targeted for inclusion in
    fix packs 8.0.0.14, 8.5.5.13 and 9.0.0.6.  Please refer to the
    Recommended Updates page for delivery information:
    http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
    

Temporary fix

Comments

APAR Information

  • APAR number

    PI82306

  • Reported component name

    WEBSPHERE APP S

  • Reported component ID

    5724J0800

  • Reported release

    850

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2017-05-30

  • Closed date

    2017-06-06

  • Last modified date

    2017-06-06

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WEBSPHERE APP S

  • Fixed component ID

    5724J0800

Applicable component levels

  • R800 PSY

       UP

  • R850 PSY

       UP

  • R900 PSY

       UP

[{"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"850","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Document Information

Modified date:
18 October 2021