Fixes are available
18.0.0.2: WebSphere Application Server Liberty 18.0.0.2
18.0.0.3: WebSphere Application Server Liberty 18.0.0.3
18.0.0.4: WebSphere Application Server Liberty 18.0.0.4
19.0.0.1: WebSphere Application Server Liberty 19.0.0.1
19.0.0.2: WebSphere Application Server Liberty 19.0.0.2
19.0.0.3: WebSphere Application Server Liberty 19.0.0.3
19.0.0.4: WebSphere Application Server Liberty 19.0.0.4
19.0.0.5: WebSphere Application Server Liberty 19.0.0.5
19.0.0.6: WebSphere Application Server Liberty 19.0.0.6
19.0.0.7: WebSphere Application Server Liberty 19.0.0.7
19.0.0.8: WebSphere Application Server Liberty 19.0.0.8
19.0.0.9: WebSphere Application Server Liberty 19.0.0.9
19.0.0.10: WebSphere Application Server Liberty 19.0.0.10
19.0.0.11: WebSphere Application Server Liberty 19.0.0.11
19.0.0.12: WebSphere Application Server Liberty 19.0.0.12
20.0.0.1: WebSphere Application Server Liberty 20.0.0.1
20.0.0.2: WebSphere Application Server Liberty 20.0.0.2
20.0.0.3: WebSphere Application Server Liberty 20.0.0.3
20.0.0.4: WebSphere Application Server Liberty 20.0.0.4
20.0.0.5: WebSphere Application Server Liberty 20.0.0.5
20.0.0.6: WebSphere Application Server Liberty 20.0.0.6
20.0.0.7: WebSphere Application Server Liberty 20.0.0.7
20.0.0.8: WebSphere Application Server Liberty 20.0.0.8
20.0.0.9: WebSphere Application Server Liberty 20.0.0.9
20.0.0.10: WebSphere Application Server Liberty 20.0.0.10
20.0.0.11: WebSphere Application Server Liberty 20.0.0.11
20.0.0.12: WebSphere Application Server Liberty 20.0.0.12
21.0.0.3: WebSphere Application Server Liberty 21.0.0.3
21.0.0.4: WebSphere Application Server Liberty 21.0.0.4
21.0.0.5: WebSphere Application Server Liberty 21.0.0.5
21.0.0.6: WebSphere Application Server Liberty 21.0.0.6
21.0.0.7: WebSphere Application Server Liberty 21.0.0.7
21.0.0.8: WebSphere Application Server Liberty 21.0.0.8
21.0.0.9: WebSphere Application Server Liberty 21.0.0.9
21.0.0.1: WebSphere Application Server Liberty 21.0.0.1
21.0.0.2: WebSphere Application Server Liberty 21.0.0.2
21.0.0.10: WebSphere Application Server Liberty 21.0.0.10
21.0.0.11: WebSphere Application Server Liberty 21.0.0.11
21.0.0.12: WebSphere Application Server Liberty 21.0.0.12
22.0.0.1: WebSphere Application Server Liberty 22.0.0.1
22.0.0.2: WebSphere Application Server Liberty 22.0.0.2
22.0.0.3: WebSphere Application Server Liberty 22.0.0.3
22.0.0.4: WebSphere Application Server Liberty 22.0.0.4
APAR status
Closed as program error.
Error description
- UncoveredHttpMethodWarnings should not show if customers are using Servlet 3.0 or below (currently showing all the time) - suppressUncoveredHttpMethodWarning configuration is not honored - Clarify the documentation in the Knowledge Center about what messages would be suppressed (It will be CWWKS9122I and CWWKS9123I) Documentation https://www.ibm.com/support/knowledgecenter/en/SSAW57_libert y/co m.ibm.websphere.liberty.autogen.nd.doc/ae/rwlp_config_webApp lica tion.html Message: https://www.ibm.com/support/knowledgecenter/en/SSAW57_libert y/co m.ibm.websphere.messages.liberty.doc/CWWKS.html CWWKS9122I: For URL {0} in application {1}, the following HTTP methods are uncovered, and accessible: {2} CWWKS9123I: For URL {0} in application {1}, the following HTTP methods are uncovered, and not accessible: {2}
Local fix
n/a
Problem summary
**************************************************************** * USERS AFFECTED: Users who wants to suppress warning message * * when deny-uncovered-http-methods element is * * present in web.xml * **************************************************************** * PROBLEM DESCRIPTION: suppressUncoveredHttpMethodWarning * * configuration does not work * **************************************************************** * RECOMMENDATION: * **************************************************************** According to the Java? Servlet 3.1 specification, in section "13.8.4.2 Handling Uncovered HTTP Methods", there is a requirement to notify the deployer on how HTTP methods are handled when the <deny-uncovered-http-methods/> element is defined in the application's web.xml. To comply with the specification, Liberty prints the following messages in the messages.log file depending on the configuration: CWWKS9122I: For URL {0} in application {1}, the following HTTP methods are uncovered, and accessible: {2} CWWKS9123I: For URL {0} in application {1}, the following HTTP methods are uncovered, and not accessible: {2} There are two problems with when these messages are output. First, the messages are printed even when the Liberty server is configured with the servlet-3.0 feature. Second, setting the "suppressUncoveredHttpMethodWarning" option to true in the webApplication configuration does not suppress the messages like it is supposed to.
Problem conclusion
CWWKS9122I and CWWKS9123I will now only be issued when server.xml is configured with the servlet-3.1 or higher feature. In addition, to avoid duplicate function, the "suppressUncoveredHttpMethodWarning" option in the webApplication configuration was removed, since Liberty already has the capability to suppress any message by using the "hideMessage" option of the logging configuration. Users can suppress the messages by either: 1) Configuring the following in bootstrap.properties: com.ibm.ws.logging.hideMessage=CWWKS9122I,CWWKS9123I or... 2) Configuring the following in server.xml : <logging hideMessage="CWWKS9122I,CWWKS9123I"/> For more information about logging configuration, refer to https://www.ibm.com/support/knowledgecenter/SSEQTP_liberty/com.i bm.websphere.wlp.doc/ae/rwlp_logging.html. The fix for this APAR is currently targeted for inclusion in fix pack 18.0.0.2. Please refer to the Recommended Updates page for delivery information: http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
Temporary fix
Comments
APAR Information
APAR number
PI95717
Reported component name
LIBERTY PROFILE
Reported component ID
5724J0814
Reported release
CD0
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2018-03-26
Closed date
2018-05-31
Last modified date
2018-05-31
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
LIBERTY PROFILE
Fixed component ID
5724J0814
Applicable component levels
RCD0 PSY
UP
Document Information
Modified date:
04 May 2022