APAR status
Closed as program error.
Error description
When using the assembly action client-security feature (available in API assembly) in an unsecured API, invalid subscription may not be detected and request could return a 200 OK code.
Local fix
Enforcing security schema in the API or a Global Policy can be configured to circumvent it. More details on this can be found here:https://github.com/ibmArtifacts/GlobalPolicy_and_UDP
Problem summary
A Client-security policy may not detect an invalid subscription.
Problem conclusion
Fix is available in 10.0.1.7, 10.0.4.0sr1, and 10.5.0.0. For a list of the latest fix packs available, please see: https://www.ibm.com/support/pages/node/83105
Temporary fix
Comments
APAR Information
APAR number
IT40243
Reported component name
DATAPOWER
Reported component ID
DP1234567
Reported release
A0X
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2022-03-10
Closed date
2022-04-21
Last modified date
2022-04-21
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
DATAPOWER
Fixed component ID
DP1234567
Applicable component levels
[{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateways"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"A0X"}]
Document Information
Modified date:
22 April 2022