APAR status
Closed as program error.
Error description
REST API discovery is enabled by default in WebSphere Commerce Developer and runtime environments. However, it should be disabled by default in runtime environments. API discovery is a convenience feature for development, but might not be required in production. Development tools, including Swagger UI, that depend on API discovery to function might not be suitable to be run in a production system.
Local fix
Problem summary
USERS AFFECTED: WebSphere Commerce Version 7 users on Feature Pack 8 or higher who use REST services. PROBLEM ABSTRACT: REST API discovery is enabled by default in runtime environments. BUSINESS IMPACT: Customers might not require REST API discovery in their runtime environments. RECOMMENDATION:
Problem conclusion
The REST API discovery flag ("ApiDiscoveryEnabled") in the component configuration file for com.ibm.commerce.foundation-fep is set to false by default when this fix is applied to runtime environments. In WebSphere Commerce Developer environments, the flag is set to true. To re-enable REST API discovery in runtime environments, extend the component configuration file and set the value of the ApiDiscoveryEnabled flag to true. For more information, see http://www-01.ibm.com/support/knowledgecenter/api/content/SSZLC2 _7.0.0/com.ibm.commerce.webservices.doc/tasks/tsdwccomponentrest .htm The REST API discovery flag now provides access control to The Swagger UI. If API discovery is disabled, when a user attempts to access the Swagger UI URL, a 403 response code will be returned.
Temporary fix
Comments
APAR Information
APAR number
JR53515
Reported component name
WC BUS EDITION
Reported component ID
5724I3800
Reported release
700
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2015-06-03
Closed date
2015-06-24
Last modified date
2015-06-29
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WC BUS EDITION
Fixed component ID
5724I3800
Applicable component levels
R700 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSYSYL","label":"WebSphere Commerce Enterprise"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.0","Line of Business":{"code":"LOB31","label":"WCE Watson Marketing and Commerce"}}]
Document Information
Modified date:
11 December 2021