IBM Support

Operational Decision Manager Known Limitations, Version 9.0.x

News


Abstract

This page lists the known limitations in the different release versions of Operational Decision Manager 9.0.x. The list also provides workarounds for most of the issues.

Content

Table of contents
 General
Limitation Comment or workaround Version
Operational Decision Manager has no way to block outgoing HTTP communication. If you need to control this type of communication, a proxy can be used, and an allowlist filter can be added at the application server level. 9.0.0
 Installation and Configuration
Limitation Comment or workaround Version
You run JBoss 7.4.X and get failures on test suites or simulations because Decision Runner is not running correctly:

java.io.InvalidClassException: filter status: REJECTED
   at java.base/java.io.ObjectInputStream.filterCheck()
 
JBoss applies a Java serialization filter that prevents Decision Runner from using Java serialization in certain cases. The filter is managed by a property that is written in the log file at server startup:
 
jdk.serialFilter = maxbytes=10485760;maxdepth=128;maxarray=100000;maxrefs=300000
The serialization filter can be modified or disabled. To disable the filter:
  1. Open the JBoss configuration file: <JBboss home>/bin/init.d/jboss-eap.conf
  2. Add the following line to the file:
    export DISABLE_JDK_SERIAL_FILTER=true
    export DISABLE_JDK_SERIAL_FILTER
  3. Restart the JBoss server.
 9.0.0
Eclipse must use Java 17.
You must have Java 17 installed on your computer to do this setup. To switch to Java 17:
  1. Open Eclipse.
  2. In the toolbar, click Window > Preferences > Java > Installed JREs.
  3. Click Add to add a new JRE.
  4. Select Standard VM and click Next.
  5. Select the directory on your computer that contains Java 17, for example, C:\Program Files\Java\jdk-17.
  6. Click Finish to add the JRE.
  7. Select the new JRE in the list, and click Apply and Close.
  8. Restart Eclipse
 9.0.0
When you install Rule Designer on Eclipse, a warning message tells you that the Rule Designer feature file is not signed. You can ignore the message. Rule Designer will install safely.
Spring Framework has a potential remote code execution issue when used for Java deserialization of untrusted data. There is no fix for this vulnerability. Java deserialization of untrusted data is unsafe. Customers must ensure that they do not expose HTTP invoker endpoints to untrusted clients. Customers may expose HTTP invoker endpoints only between their own services. 9.0.0
Users of Semeru JDK on macOS machines cannot use the Norwegian locale (no_No). They get an exception when loading a project. To work in Norwegian on Operational Decision Manager components, use a different operating system. 9.0.0

Spring 5.3 has introduced an incompatibility with old versions of JBoss. An open source framework, Spring is used in the foundation of IBM Operational Decision Manager Decision Center in the Business console and the REST API.

 To resolve the problem, see 9.0.0
 Rule Designer
Limitation Comment or workaround Version
Rule Designer runs slowly or stops responding when a help view is open.
Try the following workarounds:
  •     If the help view is not needed, close it.
  •     If the help view is needed, open Window > Preferences > Help > Content in the Rule Designer Eclipse environment, and systematically click Apply and Close. The URL of the help service should be https://www.ibm.com/docs/odm/8.12.0.
 9.0.0
The sample in Automated decision service deployment sample setup and details does not work as described.
You need to modify two files to run the tasks successfully:
  •     Add <targets label="SampleDirectory"/> before <operations> in ODM8104\studio\samples\brmanagement\buildautomationtool\project\miniloan-automation\deployment\DirectoryDeployment.dep.
  •     Add <targets label="SampleServer"/> before <operations> in ODM8104\studio\samples\brmanagement\buildautomationtool\project\miniloan-automation\deployment\ServerDeployment.dep.
 9.0.0
You cannot test decision operations in the Rule Designer that is available in the Eclipse Marketplace. The testing feature is available in the Rule Designer that is packaged in the Decision Server repository that is available through IBM Passport Advantage Online. 9.0.0
When you import a rule project into Rule Designer on macOS, you might not be able to expand the folders in the project.
When you import a rule project:
  1.     Select the folder to be imported.
  2.     Click the From Directory text box.
  3.     Press Enter.
 9.0.0
When you use the Samples Console, you cannot see the commands in the Samples Commands tab. You cannot see the commands when an Ant window is open. Restart Eclipse to display the commands. 9.0.0
The name property cannot be empty when you publish a project from Rule Designer to Decision Center. Make sure that all the rules and packages are in the rule folder, and there is no .rulepackage file directly in the rule folder or anywhere else in the rule project. 9.0.0
When you run automated builds in headless mode from the Windows command line, you get an error message if no argument is specified. For languages that use extended character sets, the error message is displayed incorrectly.

To avoid this issue:

  1. Run the chcp command to display the active code page (cp) number.
  2. Run the automated build command as shown in the following example, adding the arguments -vmargs -Dfile.encoding= to change the default character encoding:
    \eclipsec.exe -application ilog.rules.studio.automation.builder -noSplash -nl fr -vmargs -Dfile.encoding=cp437
 9.0.0
While the ilog.rules.brl types that represent a complete date without a time (SimpleDate and UniversalDate) can be used as is for comparisons, the other types for partial dates might require changes to obtain the wanted comparison behavior.
For example, if you use ilog.rules.brl.Month and data for month/day/year, a comparison of months might fail as whole dates, and not partial dates, are compared.
To prevent this problem:
  •     Change the getter sections of the BOM fields that represent partial dates.
  •     Change the body of the BOM methods that return a partial date by using the ilog.rules.brl.IlrDateUtil utility class.
 9.0.0
Decision Center
Limitation Comment or workaround Version
Vulnerability scanners show Content Security Policy (CSP) as a vulnerability. The HTTP Content Security Policy (CSP) response header allows website administrators to control resources that the user agent is allowed to load for a given page. The script source policy for Operational Decision Manager requires the use of directives that might be detected by some vulnerability scanners as vulnerable: script-src: unsafe-inline unsafe-eval. Those directives are needed by Decision Center to work properly and you must keep them. 9.0.0
In the Business Console, the same user cannot open several windows in the same browser. None 9.0.0
The Import Excel File command in the decision table editor in the Business console imports any formula that is contained in an Excel file, instead of just the results of the formula.
To import a copy of an Excel file with the formulas replaced by their results:
  1.     Copy the cells that contain formulas.
  2.     Click the down arrow on the Paste button in the Clipboard section of the Home tab, and then click the Values button in the Paste Values section of the drop-down menu.
 9.0.0
The search feature does not take into account technical rules or functions. Users can find technical rules and functions by using the query feature. 9.0.0
In OpenID Connect, when you run a request that needs authentication from the decisioncenter-API Swagger URL, the basic authentication connection setting is displayed, instead of the OAUTH/OpenID connection panel. N.A. 9.0.0
You might encounter improper functioning of the search in the Business console or log entries related to org.apache.solr that are caused by upgrades to the embedded Apache Solr search engine.
Re-index the search:
  1.     Stop the server.
  2.     Delete the directory /decisioncenter-solr<ext>.
  3.     Restart the server.
Solr indexes are then automatically regenerated. You can locate the Solr index directory by running the diagnostic in the Business console.
 9.0.0
Spring Boot has a feature that automatically detects any logging framework that is available. It is based on the presence of classes listed in org.springframework.boot.logging.LoggingSystem.SYSTEMS - either Logback, Log4j or JUL). Spring Boot configures the feature from either an application-provided logging configuration file or Spring Boot’s own default configuration file, which is packaged in Spring Boot. This can cause issues when Spring Boot bypasses the application server logging configuration. In this case, the application server configuration file is not taken into account and all the defined filters are ignored.

To configure logging with a platform logging configuration file, you must disable the Spring Boot override mechanism. To do so, set a JVM property to configure the Spring Boot logging behavior with the following property and value:

-Dorg.springframework.boot.logging.LoggingSystem=none
 9.0.0
The Decision Center ear cannot start on WAS 8.5.5, using the bundled JDK (IBM JDK 8.0.5.6). This is caused by the following issue: http://www.ibm.com/support/docview.wss?uid=swg1IJ03716 Upgrade the IBM SDK version bundled in WAS8.5.5 to IBM SDK 8.0.5.10 or earlier. 9.0.0
 Rule Execution Server
Limitation Comment or workaround Version
The contextual help in the Rule Execution Server console might not work in your installation, especially if you use the IBM WebSphere Liberty server.
If you get errors for SSL handshakes in the Rule Execution Server console logs, note the name of the host that is related to the errors, and then add the certification chain for this host to your JVM trust store. Usually, the host name is  www.ibm.com, but it can be different.
Follow these steps to add the certification chain to WebSphere Liberty:
  1.     Open https://<host name>/ in a web browser.
  2.     Display the certificate information.
  3.     Export the certification chain as a .pem file. (Note: If you use the Firefox web browser, it gives you the option of downloading the file that displays the certificate information.) For additional information, see Export & Download — SSL Certificate from Server (Site URL).  
  4.     Create a trust store file, truststore.jks, and import the .pem file into the trust store. You can use the following command to do so:
    <jdk>/bin/keytool -importcert
    -file www-ibm-com-chain.pem -keystore <trust store>
    -storepass <trust store password> -alias odmkc
  5.     Ensure that the trust store is referenced by from your server.xml configuration file. This example adds the following statement with your truststore.jks file to the <server root>/resources/security folder:
    <keyStore id="defaultTrustStore" password="<your truststore password>" location="truststore.jks" /> 
 9.0.0
If you use a Swagger API to run rules that have a parameter named response or request, the run stops and you get a bad request error:
statusCode=400, responseMessage=Bad Request,
responseBody=sun.net.www.protocol.http.HttpURLConnection$HttpInputStream@7c8dbe70, responseHeaders=CaseInsensitiveMultivaluedMap [map=[null=HTTP/1.1 400 Ba		 Do not use response or request in parameter names for Swagger calls. 9.0.0
Since the update of the Myfaces third-party library, warnings are issued to the RES console log when users browse the web application, for example:
  •     WARN [org.apache.myfaces.shared_impl.renderkit.html.HtmlImageRendererBase]
  •     WARN [org.apache.myfaces.shared_impl.renderkit.html.HtmlGridRendererBase]
 Set the logging trace org.apache.myfaces.shared.renderkit.html.* to error to hide the warning messages in the log
For liberty/WAS: Use the trace specification org.apache.myfaces.shared.renderkit.html.*=error
For Tomcat:  add org.apache.myfaces.shared.renderkit.html.*.level = SEVERE
to the logging.properties file.		 9.0.0
While running a test, you get the following exception error: Caused by: com.ibm.db2.jcc.am.SqlDataException: VALUE <Lob-Value> IS TOO LONG. SQLCODE=-433, SQLSTATE=22001, DRIVER=3.72.45
You might need to modify the size of the tables that are used by Decision Runner. In the table EXECUTIONINSTANCEDATA, increase the column parameters to a BLOB of 2GB.
On DB2:
ALTER EXECUTIONINSTANCEDATA ALTER parameter SET BLOB(2G)
 9.0.0
 Operational Decision Manager on Certified Kubernetes
Limitation Comment or workaround Version
You must define the version of the release to the image.tag parameter to install.

When installing ODM, you must assign the image.tag parameter to 9.0.0.0.

For example:
helm install my-odm ibm-helm/ibm-odm-prod --set image.tag=9.0.0.0 --set image.repository=cp.icr.io/cp/cp4a/odm --set license=accept

 9.0.0
You must declare a version of SSL for your DB2 custom external database.
When configuring a DB2 custom external database, you must edit the properties.db2.jcc configuration to define the SSL version for your DB2 installation, for example, sslVersion="TLSv1.2".
 9.0.0
If you use an ibm-odm-dev Helm chart earlier than version 21.2.0, you will encounter an error when installing an instance of Operational Decision Manager for Developers.
IBM is moving product images from Docker, docker.io/ibmcom, to the IBM Container Registry, icr.io. You can now obtain the IBM Operational Decision Manager for Developers image without authentication by using this IBM-controlled source.

Move from Docker to the IBM Container Registry by setting the image.repository parameter to icr.io/odm-k8s when you install an instance of Operational Decision Manager for Developers.
  
helm install my-odm-dev-release 
--set license=accept 
--set image.repository=icr.io/odm-k8s ibm-charts/ibm-odm-dev
 9.0.0

[{"Type":"MASTER","Line of Business":{"code":"LOB10","label":"Data and AI"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSQP76","label":"IBM Operational Decision Manager"},"ARM Category":[{"code":"a8m3p0000008uPKAAY","label":"Configure"},{"code":"a8m3p0000008uP6AAI","label":"Install"},{"code":"a8m3p0000008uPBAAY","label":"Performance"},{"code":"a8m3p0000008uPeAAI","label":"Product Planning"},{"code":"a8m3p0000008uPNAAY","label":"Vulnerability"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"9.0.0"}]

Document Information

Modified date:
28 June 2024

UID

ibm17116291

Page Feedback