cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Risk analysis failed: Exception

Go to solution
Former Member

on ‎08-19-2011 6:53 PM

0 Kudos

I am getting the following error while performing the risk analysis @CUP.

We have maintained the following URL, Communication user id password":

http://sapgrc:50000/VirsaCCRiskAnalysisService/Config1?wsdl&style=document

don't know where exactly its failing, Could you pls help me?

Thank you.

Rehards,

Sumanth

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎08-19-2011 10:09 PM
0 Kudos

Hi Krishna,

The issue could be due to one of the following:

1. Connector names that you are using in GRC CUP- Make sure you have the right connector names used in RAR, CUP applications.

2.No.of risks are more since the assigned roles/profiles have more conflicts. Run the analysis in the RAR system directly and see how many risks are poped up. You may alternatively try performing risk analysis for another user from CUP who has limited # of roles.

Since you have already confirmed that the user ID is correctly mentioned and the password was maintained properly, I also recommend you to check in UME and ensure to check that it has authorization to run web services. Also, try resetting the password for the user once.

You may also refer SAP Note 1085586 and 1296632.

Regards,

Raghu

Show replies
Show replies
Former Member
‎08-20-2011 8:22 AM
0 Kudos

Thanks Raghu, for the hint given me.

I have checked the notes gived in your reply, I did not understand the following mentined as per the note:

1. Go to CC:

Configuration Tab => Connectors => Search.

Search for the connector and select the connector and click "Change button" and copy the SID field value.

My question is: Do we need to configure CC in ABAP?, Yes I did its working fine at ABAP level.

Note: Risk analysis is working fine in RAR before i configured the above said setting

2. Now go to Access Enforcer and create a new connector with name same as the value you got from SID field in CC and also provide all the other required values for connector and save it.

My question is: We configure the SID as Local in CC. if we give any other name its not allowing me to run risk analysis @ ABAP level.

My system settings FYI:

Host Name: SAPGRC

User Name: SAPGRC (Comminication user) has sap_all and all the ume roles

Connector Name: GRC -in CUP

Connector Name: GRC -in RAR

SID:GRC

RFC destination for release CC5.X = CCRISKANALYSIS

CCRISKANALYSIS is maintained in TCP/IP with the server regisetered program GRCRTT0CC5X, the same i have used it in RAR report name.

Former Member
‎08-21-2011 10:00 AM
0 Kudos

Hi Krishna,

The backend user should also have the SAP Java roles. Can you assign them and try?

Other settings seems to be fine.

Regards,

Raghu

koehntopp
Product and Topic Expert
Product and Topic Expert
‎08-22-2011 9:33 AM
0 Kudos

Hi guys,

I have to say, I'm finding it hard to follow your discussion.... why are you talking about the backend user at all? CUP risk analysis calls a Java web service provided by RAR, so it's http/J2EE only.

- If RAR can do risk analysis the backend user should be fine

- Use the connector name (the first line in connector definition) IDENTICALLY in both CUP and RAR

- Create a UME (! - i.e. Java) user for the web service. Give it a UME role that can do risk analysis

- Make it a technical user so that the password will not expire

- Use that user and password plus the correct web service URI in CUP configuration.

That should do the trick

Frank.

Former Member
‎08-30-2011 5:06 AM
0 Kudos

Hi Frank,

I have assigned SAP_BC_JSF_COMMUNICATION role to SAPJSF and added I could able to create user ids from Java now.

I have created the user id WEBUSER assinged all the java roles i.e. including all GRC roles. This user id type is communication users.

Still I am facing the problem,

Risk analysis failed: Exception in getting the results from the web service : Service call exception; nested exception is: java.lang.Exception: Incorrect content-type found 'text/html'

Could you pls help me,

Thanks.

Regards,

Sumanth

Former Member
‎08-30-2011 5:15 AM
0 Kudos

Dear Frank & Raghu,

My issue was resolved. Thanks for your help all the time.

01)What i did was i have changed the user type to dailog and changed the initial password

02)Now changed the user type to Communication

03)Maintained the user id and new password in connectors and risk analysis url.

Regards,

Sumanth Kethireddy

koehntopp
Product and Topic Expert
Product and Topic Expert
‎08-30-2011 5:54 AM
0 Kudos

You beat me to the solution

The web service would normally return an XML document. "text/html" indicates that instead you got an html page, which is the one asking you to change your initial password.

Your Java user is fine, but you should make him a type "Technical User" so that the password won't expire.

The security guide lists the authorizations that the ABAP user should have. I would advise against using anything starting with SAP, as that's not intended for productive use. You can also build on the "/VIRSA/*_DEFAULT_ROLE" roles there. The ABAP RFC user roles do need the VIRSA authorization objects sooner or later.

Frank.

Answers (0)

Ask a Question