cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Issues after applying Java patch 7 for GRC 5.3

Go to solution
Former Member

on ‎03-24-2009 8:58 AM

0 Kudos

Hi,

We are facing issues after installing Virsa Java patch 7. Please help us out. We have done it on training server for the testing purpose and want to be sure before going to Quality.

1. Background job issue - status shows as ready but doesnt start. We have checked the url-

http://10.10.0.142:50000/sap/CCADStatus.jsp

A page opens with header - Analysis Engine Daemon Manager but dosnt show any thread.

When we tried to check in debugger as per note 999785- the table virsa_cc_config shows 30 entries including 105,106 & 107.

We restarted J2EE and checked Jco as well. Everything is fine. This issue was not there while we were on patch level 6.

2. When we run risk analysis in CUP, it simply hangs.

3. When we run risk analysis for a role in foreground in RAR, it works.

4. When we try to change a role or simply run risk analysis in ERM for a role, it throws error -

Risk analysis failed; com.virsa.utils.StringEncrypter$EncryptionException: Input data length not a multiple of blocksize.

Let me know if anyone is having same issues and if you have found any solution.

Thanks,

Sabita

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎03-27-2009 11:48 PM
0 Kudos

Hi Sabita,

for the StringEncrypter$EncryptionException part: I experienced the same error with our ERM.

The solution was:

1. Go to ERM configuration -> Miscellaneous.

2. Change both Username and Password given for all the Webservices to something else and save.

3. Change it back to the original credentials and save it.

4. Try to run the risk analysis

Cause: The password was not updated (encrypted) in the database, and tried to use the plain one.

Probably, it's enough to change only the password, and then returning back to the original one, but retyping is not sufficient (the webapp must notice the change to be able to update that)

Cheers, Feri

Show replies
Show replies
Former Member
‎03-28-2009 12:30 AM
0 Kudos

> 2. Change both Username and Password given for all the Webservices to something else and save.

> 3. Change it back to the original credentials and save it.

Does this use a new storage, or is it a workaround for service hierarchies (which are not disabled)?

I am not familiar with this specific problem, but I guess if you save once in a node then "issues" go way for the same user because the credetials are availble consistently to sub-nodes / objects?

Do you have any insights into how this works and why saving twice fixes the problem?

Cheers,

Julius

Former Member
‎03-28-2009 12:58 AM
0 Kudos

Hi Julius,

I have no specific insights on that. I had an OSS call on this, so the solution was coming from the SAP support.

But my guess is and as I mentioned above, the encryption does not occur so long the webapp-parser does not notice any changes in those fields. That is why to save it twice w/o retyping the original one at the first time.

This is what I have witnessed on our ERM. I have first updated the passwords only for two of the web services, and there was significant difference (say in length, the password appears now longer in those updated fields) compared to the other not-updated-ones.

Anyway, the log file (ERM -> Configuration -> log history -> sytem log) should give hint on this:

2009-03-26 15:47:46,468 [SAPEngine_Application_Thread[impl:3]_37] ERROR Error occured while decrypting the string: '<your_plain_password>'

java.lang.Throwable: Input data length not a multiple of blocksize.

2009-03-26 15:47:46,468 [SAPEngine_Application_Thread[impl:3]_37] ERROR com.virsa.utils.StringEncrypter$EncryptionException: Input data length not a multiple of blocksize.

java.lang.Throwable: Input data length not a multiple of blocksize.

2009-03-26 15:47:46,468 [SAPEngine_Application_Thread[impl:3]_37] ERROR com.virsa.core.service.ServiceException: com.virsa.utils.StringEncrypter$EncryptionException: Input data length not a multiple of blocksize.

java.lang.Throwable: com.virsa.utils.StringEncrypter$EncryptionException: Input data length not a multiple of blocksize.

Cheers, Feri

Former Member
‎03-28-2009 6:30 AM
0 Kudos

Hi Ferri,

Yes you are right about error logs, it was the same. Now after changing user and password and then changing it back to old one, I am getting different error-

ERROR java.lang.IllegalStateException: The operation is not allowed. The HttpServletRequest is not associated with a client request.

java.lang.Throwable: The operation is not allowed. The HttpServletRequest is not associated with a client request.

Any clues??

Thanks-Sabita

Answers (3)

Answers (3)

hkaur
Advisor
Advisor
‎03-30-2009 10:13 AM
0 Kudos

Hi Sabita,

There are few customers who have reported this issue with SP07 while it is working for some other customers. I think contacting SAP Support would be the best in this case.

Regards

Harleen

Show replies
Show replies
Former Member
‎03-30-2009 12:33 PM
0 Kudos

Hi Harleen,

We have upgraded our Quality Server and facing the same issue. We have raised a message with SAP and they are working on it.

I will update this message as soon as I get a solution.

Thanks to all of you for your support.

Regards,

Sabita

Former Member
‎04-02-2009 7:10 AM
0 Kudos

Dear All,

This is the solution for the problems-

1. Change and save the webservice password twice(encryption method changed in patch7)

2. Change the value - replace localhost in virsa_cc_config instead of IP or hostname-

update sapsr3db.virsa_cc_config set CNFGVALUE='http://localhost:50000/webdynpro/dispatcher/sap.com/grc~ccappcomp/BgJobStart' where CNFGPARAM='107';

3. Insert one entry into the table virsa_cc_config manually -

INSERT INTO SAPSR3DB.VIRSA_CC_CONFIG (CNFGPARAM, CNFGVALUE)

VALUES (236,'FUNCTIONPERMISION');

Right now the server is behaving fine with all above mentioned issues resolved.

Thanks to all of you for your support.

Regards,

Sabita

hkaur
Advisor
Advisor
‎03-26-2009 8:38 AM
0 Kudos

Hello Sabita,

Please refer SAP Note 1176262 and restart your J2EE after applying this note. This should resolve your issue.

Regards

Harleen

SAP GRC RIG

Show replies
Show replies
Former Member
‎03-26-2009 1:37 PM
0 Kudos

Hi Harleen and PKK,

Yes I have checked the note 1176262 but the error code "60Object not found in lookup of BC_ADM" is not there, in fact the job id itself is not there.

We updated the entry in virsa_cc_config as per note but still it didnt help.

We are trying to figure out various reasons, will update this post if I get and solution.

Thanks for your help.

Regards,

Sabita

Former Member
‎03-24-2009 4:15 PM
0 Kudos

Sabita,

As SP7 is the latest patch and it just release last Friday, I will recommend you to contact SAP. Most probably, there might be some bug or configuration issue.

Regards,

Alpesh

Show replies
Show replies
Former Member
‎03-25-2009 5:28 AM
0 Kudos

Hi Alpesh,

Actually we have updated our training server which is not in our landscape and not connected to SAProuter so we cant provide login to SAP. We have to upgrade our Quality first before we seek help from SAP. The issues are so critical that Quality will get stuck after applying it and we will not be able to work until SAP comes with a solution. But eventually we have to do that.

Thanks for your reply.

Thanks,

Sabita

Former Member
‎03-25-2009 9:01 AM
0 Kudos

Hi Sabita

Did you upgrade your backend RTA ? there is SP avaiable for that .

we have appleid SP7 and I dont see any problem so far , synch running fine

risk analysis is working fin in CUP etc.

Regards

PKK

former_member366047
Contributor
‎03-25-2009 2:58 PM
0 Kudos

Sabita-

We have multiple customers who upgraded to SP07 recently with no issues. And it is not a different SP install than any other SP.

You can find a "How to install a SP" guide on BPX here:

https://www.sdn.sap.com/irj/scn/articles-grc-all

Ankur

SAP GRC RIG

Former Member
‎03-26-2009 5:46 AM
0 Kudos

Yes, we have upgraded backend to SP7 and no issues in Patch Installation on both side. However, the Background Job Damoen Page is also blank - it has only header data "Analysis Engine Daemon Manager" and no job threads showing.

When we schedule background job, it goes to ready status. We have checked SAP note 999785 and entries are there.

We are unable to decide whether we shoudl go for patch 7 on Quality or it will throw the same problem.

Is there any configuration side problem?

Thanks,

Sabita

Former Member
‎03-26-2009 12:53 PM
0 Kudos

Hi Sabita,

The note which has been suggested by Harleen looks spot on for your problem

And also did you check you database ? does it have enough space ?

if you have offline risk analysis set to Yes ( the DB fills up real quick ) setting this to YES will constanlty fill the front end java tables, when you run thse synch jobs the Java tables should get overwritten with new info from the backend , however this is not the case sometimes it rather keeps appending data

So whenever you check Management view this goes and fetches data from the intermediate java tables

if you have any DB problem I suggest you turn offline risk analysis in RAR Config .

If the note resolve your issue that is well and good .

Cheers..

PKK

Ask a Question