on 03-30-2011 9:34 PM
Hi,
We are using GRC 5.3 SP14. When we try to run risk analysis from CUP the process keeps on running, but the log shows the below error. We were able to run risk analysis before until we changed the parameters given in SAP notes 1564243 , 723909 and 1121978. Also the parameter "Web service violation limit" is set to 80000 in RAR.
Can someone please help with this?
=============================================================
2011-03-31 01:22:43,412 [SAPEngine_Application_Thread[impl:3]_38] INFO com.virsa.ae.accessrequests.actions.UpdateRequestDetailsAction : checkRoleValidity() : : INTO the method
2011-03-31 01:22:43,447 [SAPEngine_Application_Thread[impl:3]_38] INFO SystemDAOFactory.java@73:getRiskAnalysisDAO() : EN
2011-03-31 01:22:43,447 [SAPEngine_Application_Thread[impl:3]_38] INFO SystemDAOFactory.java@74:getRiskAnalysisDAO() : Locale ID is :1
2011-03-31 01:22:43,447 [SAPEngine_Application_Thread[impl:3]_38] INFO SystemDAOFactory.java@75:getRiskAnalysisDAO() : Locale date time format is :MM/dd/yyyy HH:MM:SS
2011-03-31 01:22:43,449 [SAPEngine_Application_Thread[impl:3]_38] INFO com.virsa.ae.service.sap.SystemDAOFactory : getRiskAnalysisDAO() : : cc version : 5.3_WS
2011-03-31 01:22:43,449 [SAPEngine_Application_Thread[impl:3]_38] INFO com.virsa.ae.service.sap.SystemDAOFactory : getRiskAnalysisDAO() : : risk analysis dao is set to RiskAnalysisWS52DAO
2011-03-31 01:22:43,449 [SAPEngine_Application_Thread[impl:3]_38] INFO com.virsa.ae.service.sap.SystemDAOFactory : getRiskAnalysisDAO() : : cc uri : http://sapgrc:52000/VirsaCCRiskAnalysisService/Config1?wsdl&style=document
2011-03-31 01:22:43,453 [SAPEngine_Application_Thread[impl:3]_38] INFO SystemDAOFactory.java@1968:getEJBURI() : EJB URI:sapgrc:52004
2011-03-31 01:22:43,460 [SAPEngine_Application_Thread[impl:3]_38] ERROR java.lang.LinkageError: loader constraints violated when linking com/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO class
java.lang.LinkageError: loader constraints violated when linking com/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO class
at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.execRiskAnalysis(RiskAnalysisEJB53DAO.java:305)
at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:277)
at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:419)
at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.determineRisks(RiskAnalysisEJB53DAO.java:527)
at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:103)
at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1161)
at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:381)
at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:118)
at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
2011-03-31 01:22:43,461 [SAPEngine_Application_Thread[impl:3]_38] ERROR Exception during EJB call, Ignoring and trying Webservice Call
com.virsa.ae.service.ServiceException: Exception in getting the results from the EJB service : loader constraints violated when linking com/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO class
at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:295)
at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:419)
at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.determineRisks(RiskAnalysisEJB53DAO.java:527)
at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:103)
at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1161)
at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:381)
at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:118)
at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
Caused by: java.lang.LinkageError: loader constraints violated when linking com/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO class
at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.execRiskAnalysis(RiskAnalysisEJB53DAO.java:305)
at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:277)
... 28 more
======================================
Regards,
Chintan
Please check the URI for RAR in CUP.
Regards,
Chinmaya
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Chinmaya,
I checked the URI and its correct.
http://sapgrc:52000/VirsaCCRiskAnalysisService/Config1?wsdl&style=document
Regards,
Chintan
I check again and the URI is correct as below:
http ://sapgrc:52000/VirsaCCRiskAnalysisService/Config1?wsdl&style=document
The connector name is also same in both RAR and CUP.
Sometimes I get the below error also,
Risk analysis failed: Exception in getting the results from the web service : Service call exception; nested exception is: com.sap.engine.services.webservices.jaxrpc.exceptions.InvalidResponseCodeException: Invalid Response Code: (-1) null. The requested URL was:"http://sapgrc:52000/VirsaCCRiskAnalysisService/Config1?wsdl&style=document"
But I can open the URL "http://sapgrc:52000/VirsaCCRiskAnalysisService/Config1?wsdl&style=document" also successfully.
Regards,
Chintan
The issue is with the number of SoD conflicts the user has.
CUP will compare the conflicts with the existing profile of the user and the roles added in the request. So if the user profile has wide system access (kind of SAP_ALL), it will throw this error after running for quite a long time.
This case should not appear in Production environment as no one will have wide system access. Mine was SBX system, and I was testing with my id having SAP_ALL auth.
Try selecting a user in CUP request having limited system access.
You said you set the web service violation limit to 80000.
Isn't that a bit high anyway?
- if you are going to have that many risks in a user, that may well be the reason for the timeout
- even if the service were to return the risks - how would you deal with them in a request????
My customers usually had this around 1000. You need to make sure you can actually deal with the result of risk analysis in a request, otherwise it's a wasted effort and you need to clean up the user first.
Frank.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.