Download
Abstract
JAX-WS Web services applications may get Java 2 security violation when run in a Java 2 security enabled environment.
Download Description
PM29816 resolves the following problem:
ERROR DESCRIPTION:
APAR PM20957 introduced a Java 2 security exception with the following stack:
java.security.AccessControlException: Access denied
(org.osgi.framework.ServicePermission
com.ibm.wsspi.cluster.adapter.channel.
ChannelSelectionAdapter get)
at java.security.AccessController.
checkPermission(AccessController.java:103)
at java.lang.SecurityManager.checkPermission
(SecurityManager.java:558)
at com.ibm.ws.security.core.SecurityManager.
checkPermission(SecurityManager.java:214)
at org.eclipse.osgi.framework.internal.core.Framework.
checkGetServicePermission(Framework.java:1331)
at org.eclipse.osgi.framework.internal.core.Framework.
getServiceReferences(Framework.java:1187)
at org.eclipse.osgi.framework.internal.core.
BundleContextImpl.getServiceReference(
BundleContextImpl.java:757)
at com.ibm.wsspi.runtime.service.WsServiceRegistry.
getService(WsServiceRegistry.java:105)
at com.ibm.ws.websvcs.transport.http.
OutboundURLTargetResolver.identityToCFEndPoint(
OutboundURLTargetResolver.java:1092)
at com.ibm.ws.websvcs.transport.http.
OutboundURLTargetResolver.getOutboundTarget(
OutboundURLTargetResolver.java:370)
at com.ibm.ws.websvcs.transport.http.SOAPOverHTTPSender
.<init>(SOAPOverHTTPSender.java:1618)
at com.ibm.ws.websvcs.transport.http.
HTTPTransportSender.invoke(
HTTPTransportSender.java:301)
at org.apache.axis2.engine.AxisEngine.send(
AxisEngine.java:712)
LOCAL FIX:
PROBLEM SUMMARY
USERS AFFECTED:
All users of IBM WebSphere Application Server V6.1 with JAX-WS Web services with
Java 2 security enabled
PROBLEM DESCRIPTION:
JAX-WS Web services applications may get Java 2 security violation when
run in a Java 2 security enabled environment.
RECOMMENDATION:
Install a fix pack that includes this APAR.
A regression was introduced in WebSphere Application Server V6.1.0.35 that could cause a
java.security.AccessControlException when Java 2 Security is enabled. This problem affects only JAX-RPC Web Services applications that are installed on the application server, and the problem only occurs when one of the following conditions is true:
* WS-Addressing is enabled.
* The enableInProcessConnections Web Container property is
enabled on the server side.
* The Remote Request Dispatcher (RRD) Web Container extension
is enabled.
The following exception may appear in the SystemOut.log:
java.security.AccessControlException: Access denied
(org.osgi.framework.ServicePermission
com.ibm.wsspi.cluster.adapter.channel.ChannelSelectionAdapter
get)
at
java.security.AccessController.checkPermission(AccessController.
java:103)
at
java.lang.SecurityManager.checkPermission(SecurityManager.java:5
58)
at
com.ibm.ws.security.core.SecurityManager.checkPermission(Securit
yManager.java:214)
at
org.eclipse.osgi.framework.internal.core.Framework.checkGetServi
cePermission(Framework.java:1331)
at
org.eclipse.osgi.framework.internal.core.Framework.getServiceRef
erences(Framework.java:1187)
at
org.eclipse.osgi.framework.internal.core.BundleContextImpl.getSe
rviceReference(BundleContextImpl.java:757)
at
com.ibm.wsspi.runtime.service.WsServiceRegistry.getService(WsSer
viceRegistry.java:105)
at
com.ibm.ws.websvcs.transport.http.OutboundURLTargetResolver.iden
tityToCFEndPoint(OutboundURLTargetResolver.java:1092)
at
com.ibm.ws.websvcs.transport.http.OutboundURLTargetResolver.getO
utboundTarget(OutboundURLTargetResolver.java:370)
at
com.ibm.ws.websvcs.transport.http.SOAPOverHTTPSender.<init>(SOAP
OverHTTPSender.java:1618)
at
com.ibm.ws.websvcs.transport.http.HTTPTransportSender.invoke(HTT
PTransportSender.java:301)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:712)
...
PROBLEM CONCLUSION:
The JAX-WS code is corrected to prevent the Java 2 security exception.
The fix for this APAR is currently targeted for inclusion in fix pack 6.1.0.37. Please refer to the Recommended Updates page for delivery information:
http://www.ibm.com/support/docview.wss?uid=swg27004980
Prerequisites
Please download the UpdateInstaller below to install this fix.
Installation Instructions
Please review the readme.txt for detailed installation instructions.
Technical Support
Contact IBM Support using SR (http://www.ibm.com/software/support/probsub.html), visit the WebSphere Application Server support web site (http://www.ibm.com/support/entry/portal/Overview/Software/WebSphere/WebSphere_Application_Server), or contact 1-800-IBM-SERV (U.S. only).
Problems (APARS) fixed
Was this topic helpful?
Document Information
Modified date:
15 June 2018
UID
swg24029181