Skip to Content

SOD Violations limits Webservices CUP to RAR

Hi experts,

I have a question about the limits of SoD Violation within the webservice, who is called in the approval process from the CUP to the RAR ruleset.

Are there any limits of the quantity SoD violations if the risk analysis is running from CUP?

How many SoD violation can the webservice handle it at least?

GRC CUP & RAR 5.3 SP12.

Thanks for feedback.

Cheers,

Martin

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

8 Answers

  • Jul 14, 2010 at 01:43 PM

    Hi Martin,

    there is a limit that you can either set or disable in RAR configuration.

    In my opinion, if you have to disable this because you're exceeding it in every other CUP request it may be better to postpone checking for risks and re-thinking the process (authorization design or risk definition).

    There's no sense in reporting too many risks in CUP as it will be next to impossible to deal with them in any meaningful way.

    Frank.

    Add comment
    10|10000 characters needed characters exceeded

  • Jul 14, 2010 at 02:00 PM

    Hi Frank,

    Nice to hear you! 😊

    Yes I know this configuration setting, and we have already set to 0 (no limit). The customer has only a problem, if there are requests for support guys, they have quite a lot of authorizations, and we can't minimize that.

    Before we had SP12, we had the same roles and requests, and then was it working fine... after SP12, it didn't worked anymore.

    Do you know exactly the limit of violations in the webservice?

    Thanks in advance.

    Cheers,

    Martin

    Add comment
    10|10000 characters needed characters exceeded

    • Hi Martin,

      wouldn't that be something you can use Firefighter for?

      If there's a change between SP11 and SP12, can ypu please chack the RAR and CUP logs at that time and tell me what the exact error message is?

      Thanks,

      Frank.

  • Jul 20, 2010 at 04:02 PM

    Hi Frank,

    Sorry for my late reply, but I had to organize the error message.

    What is special about the errors is, that they just situated in the developement system. The client has a 2-landscape environment for GRC. In the production, the request with the same content (roles) are working fine, but for the dev it doesn't work.

    The only difference is following Java Patch:

    sap.com SAP_JTECHS 7.01 SP6 (1000.7.01.6.8.20100630102532) SAP AG SAP AG 20100709104950

    If we are going to run the riskanalysis, the following error message will be created:

    ERROR java.rmi.RemoteException: Service call exception;nested exception is:

    java.net.SocketTimeoutException:Read timed out

    ....

    If you need more information, I can give you this next week.

    Any idea?

    Thanks,

    Martin

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member Former Member

      Hi Martin,

      After following all the suggestions mentioned by all the experts here, make sure to create a service level for the request type by going to Configuration -> service levels as I can see an error relating to this.

      Regards,

      Alpesh

  • Jul 26, 2010 at 09:40 AM

    Hi Frank,

    Here are the logs form the apps.

    CUP:

    2010-07-26 10:55:32,429 [SAPEngine_Application_Thread[impl:3]_12] ERROR Ignoring exception

    com.virsa.ae.core.NoRecordsFoundException: no service level values are found for request attributes : {VERSION=V.07, ANSTELLUNG=intern, Request Type=CHANGE, Application=[Q1M100], Priority=MITTEL, Company=SWISSCOM, Functional Area=SBC, Role=[ZS:A_P1M_SERVSUPP_PAR], Functional Area of Role=KON}

    at com.virsa.ae.accessrequests.bo.SelectServiceLevelHelper.getServiceLevel(SelectServiceLevelHelper.java:92)

    at com.virsa.ae.accessrequests.bo.RequestBO.getDueDate(RequestBO.java:9840)

    at com.virsa.ae.accessrequests.bo.RequestBO.saveRequestHeader(RequestBO.java:9670)

    at com.virsa.ae.accessrequests.bo.RequestBO.saveNewRequest(RequestBO.java:462)

    at com.virsa.ae.accessrequests.actions.CreateRequestAction.createRequest(CreateRequestAction.java:345)

    at com.virsa.ae.accessrequests.actions.CreateRequestAction.execute(CreateRequestAction.java:93)

    at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)

    at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)

    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)

    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)

    at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)

    at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)

    at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)

    at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)

    at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)

    at java.security.AccessController.doPrivileged(AccessController.java:219)

    at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)

    at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)

    2010-07-26 11:04:41,861 [SAPEngine_Application_Thread[impl:3]_10] ERROR java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;

    java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;

    at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.execRiskAnalysis(RiskAnalysisEJB53DAO.java:305)

    at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:277)

    at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:419)

    at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.determineRisks(RiskAnalysisEJB53DAO.java:527)

    at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:103)

    at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)

    at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1138)

    at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:365)

    at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:114)

    at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)

    at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)

    at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)

    at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)

    at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)

    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)

    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)

    at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)

    at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)

    at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)

    at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)

    at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)

    at java.security.AccessController.doPrivileged(AccessController.java:219)

    at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)

    at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)

    2010-07-26 11:04:41,863 [SAPEngine_Application_Thread[impl:3]_10] ERROR Exception during EJB call, Ignoring and trying Webservice Call

    com.virsa.ae.service.ServiceException: Exception in getting the results from the EJB service : com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;

    at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:295)

    at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:419)

    at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.determineRisks(RiskAnalysisEJB53DAO.java:527)

    at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:103)

    at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)

    at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1138)

    at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:365)

    at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:114)

    at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)

    at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)

    at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)

    at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)

    at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)

    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)

    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)

    at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)

    at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)

    at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)

    at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)

    at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)

    at java.security.AccessController.doPrivileged(AccessController.java:219)

    at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)

    at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)

    Caused by:

    java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;

    at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.execRiskAnalysis(RiskAnalysisEJB53DAO.java:305)

    at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:277)

    ... 28 more

    2010-07-26 11:19:41,742 [SAPEngine_Application_Thread[impl:3]_10] ERROR java.rmi.RemoteException: Service call exception; nested exception is:

    java.net.SocketTimeoutException: Read timed out

    java.rmi.RemoteException: Service call exception; nested exception is:

    java.net.SocketTimeoutException: Read timed out

    at com.virsa.ae.service.sap.ws53.Config1BindingStub.execRiskAnalysis(Config1BindingStub.java:90)

    at com.virsa.ae.service.sap.ws53.Config1BindingStub.execRiskAnalysis(Config1BindingStub.java:99)

    at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.getViolations(RiskAnalysisWS53DAO.java:311)

    at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.getViolations(RiskAnalysisWS53DAO.java:451)

    at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.determineRisks(RiskAnalysisWS53DAO.java:574)

    at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:119)

    at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)

    at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1138)

    at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:365)

    at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:114)

    at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)

    at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)

    at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)

    at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)

    at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)

    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)

    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)

    at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)

    at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)

    at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)

    at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)

    at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)

    at java.security.AccessController.doPrivileged(AccessController.java:219)

    at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)

    at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)

    I hope that thats OK?

    Thanks

    Martin

    Add comment
    10|10000 characters needed characters exceeded

  • Jul 26, 2010 at 09:44 AM

    RAR log:

    Jul 26, 2010 11:05:45 AM com.virsa.cc.xsys.riskanalysis.dao.dto.RAReportDTO readSpoolReportLines

    FINEST: readSpoolReportLines done, lines read=10000 memory changed=63M, free=1508M, total=4096M, time spent skip:112ms, total: 242ms

    Jul 26, 2010 11:07:00 AM com.virsa.cc.xsys.riskanalysis.dao.dto.RAReportDTO readSpoolReportLines

    FINEST: readSpoolReportLines done, lines read=10000 memory changed=60M, free=1395M, total=4096M, time spent skip:136ms, total: 263ms

    Jul 26, 2010 11:08:16 AM com.virsa.cc.xsys.riskanalysis.dao.dto.RAReportDTO readSpoolReportLines

    FINEST: readSpoolReportLines done, lines read=10000 memory changed=63M, free=1585M, total=4096M, time spent skip:172ms, total: 298ms

    Jul 26, 2010 11:09:04 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis

    INFO: Foreground : Analysis done: TWIHBU00 elapsed time: 259764 ms

    Jul 26, 2010 11:09:04 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis

    INFO: Foreground : 1 out of 1 (100%) done

    Jul 26, 2010 11:09:04 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis

    INFO: Foreground : All Analysis done, elapsed time: 261770 ms , memory usage: free=1491M, total=4096M

    Jul 26, 2010 11:09:04 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine riskAnalysisRE

    INFO: performActPermAnalysis completed ...

    Jul 26, 2010 11:09:04 AM com.virsa.cc.xsys.riskanalysis.dao.dto.RAReportDTO readSpoolReportLines

    FINEST: readSpoolReportLines done, lines read=10000 memory changed=43M, free=1444M, total=4096M, time spent skip:0ms,

    Jul 26, 2010 11:33:49 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis

    INFO: Foreground : Before Rules loading, elapsed time: 3 ms

    Jul 26, 2010 11:33:49 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis

    INFO: Foreground : Rules loaded, elapsed time: 90 ms

    Jul 26, 2010 11:33:49 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis

    INFO: Foreground : # objects to analyse: 1

    Jul 26, 2010 11:33:49 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis

    INFO: Foreground : Analysis starts: TWIHBU00

    Jul 26, 2010 11:33:49 AM com.virsa.cc.common.util.ExceptionUtil logError

    SEVERE: null

    java.lang.NullPointerException

    at com.virsa.cc.comp.wdp.IPublicBackendAccessInterface$IAuthForUserInputElement.wdGetObject

    Jul 26, 2010 11:33:51 AM com.virsa.cc.common.util.ExceptionUtil logError

    SEVERE: null

    java.lang.NullPointerException

    ....

    (ApplicationSessionMessageListener.java:33)

    at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)

    at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)

    at java.security.AccessController.doPrivileged(AccessController.java:219)

    at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)

    at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)

    Jul 26, 2010 11:33:55 AM com.virsa.cc.xsys.meng.ObjAuthMatcher

    FINEST: ObjAuthMatcher constructed: 417ms, #singles=73099, #ranges=0, #super=0

    Jul 26, 2010 11:33:55 AM com.virsa.cc.common.util.ExceptionUtil logError

    SEVERE: null

    java.lang.NullPointerException

    at com.virsa.cc.comp.wdp.IPublicBackendAccessInterface$IAuthForUserInputElement.wdGetObject(IPublicBackendAccessInterface.java)

    at com.sap.tc.webdynpro.progmodel.context.NodeElement.getAttributeAsText(NodeElement.java:888)

    at com.virsa.cc.comp.BackendAccessInterface.execBAPI(BackendAccessInterface.java:401)

    at com.virsa.cc.comp.BackendAccessInterface.executeBAPI(BackendAccessInterface.java:302)

    at com.virsa.cc.comp.wdp.InternalBackendAccessInterface.executeBAPI(InternalBackendAccessInterface.java:4227)

    at com.virsa.cc.comp.BackendAccessInterface.getObjPermAuth(BackendAccessInterface.java:623)

    at com.virsa.cc.comp.wdp.InternalBackendAccessInterface.getObjPermAuth(InternalBackendAccessInterface.java:4271)

    at com.virsa.cc.comp.wdp.InternalBackendAccessInterface$External.getObjPermAuth(InternalBackendAccessInterface.java:4740)

    at com.virsa.cc.dataextractor.bo.DataExtractorSAP.getObjPermissions(DataExtractorSAP.java:307)

    at com.virsa.cc.dataextractor.bo.DataExtractorSAP.getObjPermissions(DataExtractorSAP.java:263)

    at com.virsa.cc.xsys.meng.MatchingEngine.getObjPermissions(MatchingEngine.java:987)

    at com.virsa.cc.xsys.meng.MatchingEngine.matchPrmRisks(MatchingEngine.java:466)

    at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.performActPermAnalysis(AnalysisEngine.java:1528)

    at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.riskAnalysisRE(AnalysisEngine.java:4585)

    at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonWS.start(AnalysisDaemonWS.java:83)

    at com.virsa.cc.comp.BgJobInvokerView.wdDoModifyView(BgJobInvokerView.java:444)

    at com.virsa.cc.comp.wdp.InternalBgJobInvokerView.wdDoModifyView(InternalBgJobInvokerView.java:1236)

    at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.doModifyView(DelegatingView.java:78)

    at com.sap.tc.webdynpro.progmodel.view.View.modifyView(View.java:337)

    at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.doModifyView(ClientComponent.java:481)

    at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doModifyView(WindowPhaseModel.java:551)

    at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:148)

    at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)

    at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)

    at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:333)

    at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:741)

    at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:694)

    at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:253)

    at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)

    at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)

    at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:46)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)

    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)

    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)

    at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)

    at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)

    at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)

    at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)

    at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)

    at java.security.AccessController.doPrivileged(AccessController.java:219)

    at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)

    at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)

    Jul 26, 2010 11:33:58 AM com.virsa.cc.dataextractor.bo.DataExtractorSAP getObjPermissions

    FINEST: getObjPermissions: elapsed time=2802ms

    Jul 26, 2010 11:33:58 AM com.virsa.cc.common.util.ExceptionUtil logError

    SEVERE: null

    java.lang.NullPointerException

    at com.virsa.cc.comp.wdp.IPublicBackendAccessInterface$IAuthForRoleInputElement.wdGetObject(IPublicBackendAccessInterface.java)

    at com.sap.tc.webdynpro.progmodel.context.NodeElement.getAttributeAsText(NodeElement.java:888)

    at com.virsa.cc.comp.BackendAccessInterface.execBAPI(BackendAccessInterface.java:401)

    at com.virsa.cc.comp.BackendAccessInterface.executeBAPI(BackendAccessInterface.java:302)

    at com.virsa.cc.comp.wdp.InternalBackendAccessInterface.executeBAPI(InternalBackendAccessInterface.java:4227)

    at com.virsa.cc.comp.BackendAccessInterface.getObjPermAuth(BackendAccessInterface.java:623)

    at com.virsa.cc.comp.wdp.InternalBackendAccessInterface.getObjPermAuth(InternalBackendAccessInterface.java:4271)

    at com.virsa.cc.comp.wdp.InternalBackendAccessInterface$External.getObjPermAuth(InternalBackendAccessInterface.java:4740)

    at com.virsa.cc.dataextractor.bo.DataExtractorSAP.getObjPermissions(DataExtractorSAP.java:307)

    at com.virsa.cc.dataextractor.bo.DataExtractorSAP.getObjPermissions(DataExtractorSAP.java:263)

    at com.virsa.cc.dataextractor.bo.DataExtractorSAP.getObjPermissions(DataExtractorSAP.java:244)

    at com.virsa.cc.xsys.meng.MatchingEngine.getObjPermissions(MatchingEngine.java:1011)

    at com.virsa.cc.xsys.meng.MatchingEngine.matchPrmRisks(MatchingEngine.java:466)

    at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.performActPermAnalysis(AnalysisEngine.java:1528)

    at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.riskAnalysisRE(AnalysisEngine.java:4585)

    at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonWS.start(AnalysisDaemonWS.java:83)

    at com.virsa.cc.comp.BgJobInvokerView.wdDoModifyView(BgJobInvokerView.java:444)

    at com.virsa.cc.comp.wdp.InternalBgJobInvokerView.wdDoModifyView(InternalBgJobInvokerView.java:1236)

    at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.doModifyView(DelegatingView.java:78)

    at com.sap.tc.webdynpro.progmodel.view.View.modifyView(View.java:337)

    at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.doModifyView(ClientComponent.java:481)

    at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doModifyView(WindowPhaseModel.java:551)

    at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:148)

    at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)

    at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)

    at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:333)

    at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:741)

    at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:694)

    at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:253)

    at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)

    at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)

    at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:46)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)

    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)

    at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)

    at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)

    at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)

    at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)

    at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)

    at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)

    at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)

    at java.security.AccessController.doPrivileged(AccessController.java:219)

    at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)

    at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)

    Jul 26, 2010 11:33:58 AM com.virsa.cc.xsys.riskanalysis.dao.dto.RAReportDTO readSpoolReportLines

    FINEST: readSpoolReportLines done, lines read=10000 memory changed=206M, free=490M, total=4096M, time spent skip:1015ms, total: 1145ms

    Jul 26, 2010 11:34:05 AM com.virsa.cc.dataextractor.bo.DataExtractorSAP getObjPermissions

    FINEST: getObjPermissions: elapsed time=7688ms

    Jul 26, 2010 11:34:05 AM com.virsa.cc.common.util.ExceptionUtil logError

    SEVERE: null

    Add comment
    10|10000 characters needed characters exceeded

    • Hi Martin,

      the error is clearly caused by RAR which somehow can't read authorization data properly (73000 TCodes - are you serious????).

      Maybe it's an RTA timeout, or another type of connectivity issue between GRC DEV and the ERP system - please look there.

      As RAR does not complete risk analysis, CUP gets a timeout. The Service Level message is a cosmetic issue if you don't use service levels. I usually create a dummy one just to get rid of that message.

      Frank.

  • Jul 27, 2010 at 11:21 AM

    Hi experts,

    Thanks for the feedback, I will going to check.

    As you has recommended, I did a risk analysis for this specific user in RAR, and there was just one risk violated. I think the problem is not the high count of risk violations for the user, the problem is somewhere else.

    I will going to implement and check this issues, and give feedback this week.

    Thanks for your help!

    Martin

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hello Martin,

      Did you run simulation in RAR or normal risk anlaysis? You need to run Simulation in RAR by adding the same role to the user which you are assigning in CUP request. This will give you the correct picture. CUP risk analysis is always a simulation where CUP tries to simulate the risk anlaysis by assigning the roles to user.

      I hope it helps.

      Regards, Varun

  • Aug 03, 2010 at 11:40 AM

    Hi,

    Yes I did a simulation on RAR and there it works. It takes quit a long time as well.

    At the moment, they are checking the connections and the RTA, if there anything missing.

    Today I check the request again and found another point, which I thought it should works.

    The role, which is in the request is defined as "critical role" in RAR. I thought that if I define the role as "critical" it wouldn't consider this role in the risk analysis.

    Is it like this?

    I thought, that it was working before!

    What's your opinon?

    Thanks,

    Martin

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hi Martin,

      Did you check the following:

      1. The role needs to be defined as critical role in RAR -> Rule Architect -> Critical Role.

      2. The Parameter "Ignore Critical Role/Profile Needs to be set to YES.

      I tested this on SP12 and it did ignore the critical roles from the risk analysis in CUP.

      As for the RAR simulation, RAR is able to handle the long running risk anlaysis and does show the results when you run simulation but CUP does not handle that very well. I belive it would be evident now that you have run simulation in RAR and have found it also running for long time.

      Regards, Varun

  • Aug 03, 2010 at 12:41 PM

    Hi Varun,

    I have checked the configuration and it looks fine. We have defined this role as "critical" in RAR, excatly why we know, that this role has a lot of risks inside.

    I had the same issues with the SP08, with SP10 it was corrected by SAP. Now, it looks like, is the same issue again...

    The risk analysis from cup ignored the settings and configurations completly...

    Maybe I should make a ticket...,

    Thanks,

    Martin

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hello Martin,

      I have the some problem as you, and i don't know what was the solution for you ?

      Thank you in advance for your help

      Best Regards

      Lamiaa