CUP-RAR Risk Analysis error

Similar Messages

• SAP GRC AC 5.3 - RAR Risk analysis Error Log

  Hi
  i have scheduled the background job for full sync risk analysis for the first time . the job ended with status error . critical analysis, user,role and profile action analysis is shown 100% . but the user permission analysis shows 49% , role and profile permission analysis show 97% each . where can i check the log for the errors . do i need to run the whole risk analysis job again ? when i check the management reports , risk violations are shown as zero . Please let me know how i can proceed at this stage . thanks
  Regards
  Prasad

  Thanks.
  First time please do for all users. I assume this was first time and it failed, so i will suggest you scheudle for all.
  once these are done, then periodic jobs should be increamental.
  few tips :
  - schedule user sync separate job and once it finish only then scheudle role sync and when role sync finishes, only then schedule profile sync
  - always select system ids from search help (which is F4 in ABAP)
  - best scheudle one job per system id, so that when failure occurs, so that error analysis is easy
  regards,
  Surpreet

• CUP 5.3 (SP12) Risk Analysis Errors in CUP

  Hello Experts,
  When I run risk analysis in CUP for user provisioning. I get an error message:
  Risk analysis failed: Exception in getting the results from the web service : Service call exception; nested exception is: java.lang.Exception: Incorrect content-type found 'text/html'
  Connector names are the same across all the components. We have a CUP test environment with SP11, and we did not have this kind of errors. I virtually tried everything I could.
  If you can, please assist me.
  HM

  Hello HM, 
  I had this error when I first upgraded to SP12 but I don't know if it is a SP issue or not.
  My CUP --> RAR SOD Analysis works for me on SP12.
  You might try double checking the following:
  1. Check all CUP configuration Web Service parameters in CUP --> Configuration --> 1) Risk Analysis & 2) Mitigation.
  2. Check that you uploaded the latest UME roles that were delivered with SP12.
  3. Check the UME user that is configured in CUP for risk analysis to make sure the password is still correct and that it has enough assigned roles.
  4. Make sure you uploaded all the required XML configuration files to CUP --> Configuration --> Initial System Data.

• GRC Access Control 5.3 - RAR Risk Analysis in offline mode

  Hi expert,
  I'm trying to do RAR Risk Analysis in offline mode following this guide (https://www.sdn.sap.com//irj/sdn/go/portal/prtroot/docs/library/uuid/20a06e3f-24b6-2a10-dba0-e8174339c47c). But to generate User Action file the ABAP have a problem when try to get a COMPOSITE ROLE field for a Role that is asociate to many Composite role as the unique record consists of fields IDUSER, ROLE and ACTIONFROM . Someone know how we can solve this conflict?
  Best Regards!

  I'm sorry, I think I haven't made myself clear enough. The thing is that the User Action File has a "Composite Role" field and we don't know how fill it when the Single Role belongs to multiple Composite Roles. This is because of the primary key, we can't make multiple records for each userid/role combination, each one with one different Composite Role, such as the following example:
  USERIDX/ROLEX/ACTIONX/ACTIONX/PROFILEX/COMPOSITEROLE1
  USERIDX/ROLEX/ACTIONX/ACTIONX/PROFILEX/COMPOSITEROLE2
  USERIDX/ROLEX/ACTIONX/ACTIONX/PROFILEX/COMPOSITEROLEN
  Should we instead do only one record with all the composite roles? What character should we use to separate the composite role names? A ",", a ";"? For example:
  USERIDX/ROLEX/ACTIONX/ACTIONX/PROFILEX/COMPOSITEROLE1_,_ COMPOSITEROLE2_,_ COMPOSITEROLE3
  Hope I explained myself. Thanks for your help.

• Can you download RAR Risk Analysis reports to something other than Excel?

  When you run a RAR Risk Analysis and go to export the resulting reports, RAR automatically exports this into an Excel spreadsheet.
  Is it possible to export the reports into some other kind of format/tool?  (SQL would be ideal.)
  We are on GRC 5.3 SP13.
  Thanks.

  Our CMG group runs a company-wide risk analysis 2-3 times a year to use in their SOD Review process.  We are looking into loading this report into QuickView to give them more capabilities with using the report.  QV will work with Excel, but you have to load every spreadsheet and every page separately. 
  We are looking to see if we could download it into some other format that would contain all of the report in just one file.  Would make the QV load easier.  Something like SQL would probably be ideal.
  Thanks.

• CUP Risk Analysis Error

  Hi Experts,
  OUR GRC AC system configuration is: GRC AC 5.3 CUP Patch 7.0. One of our enduser has requested for a new role through CUP. While the manager performs the risk analysis, it is showing the following error: "Risk Analysis failed: Exception in getting the result from the webservice: service call exception, nested exception is: java.net.socket Timeout Exception: Read timout".
  Below is the system log of CUP for futher reference:
  2009-12-02 11:08:41,428 [SAPEngine_Application_Thread[impl:3]_12] ERROR com.virsa.ae.core.BOException: Exception in getting the results from the web service : Service call exception; nested exception is:
                  java.net.SocketTimeoutException: Read timed out
  com.virsa.ae.core.BOException: Exception in getting the results from the web service : Service call exception; nested exception is:
                  java.net.SocketTimeoutException: Read timed out
                  at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:199)
                  at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1073)
                  at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:300)
                  at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:109)
                  at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:271)
                  at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
                  at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
                  at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
                  at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
                  at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
                  at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
                  at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
                  at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
                  at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
                  at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
                  at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
                  at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
                  at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
                  at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
                  at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
                  at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
                  at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
                  at java.security.AccessController.doPrivileged(AccessController.java:219)
                  at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
                  at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
  Caused by:
  com.virsa.ae.service.ServiceException: Exception in getting the results from the web service : Service call exception; nested exception is:
                  java.net.SocketTimeoutException: Read timed out
                  at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.getViolations(RiskAnalysisWS53DAO.java:343)
                  at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.getViolations(RiskAnalysisWS53DAO.java:451)
                  at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.determineRisks(RiskAnalysisWS53DAO.java:569)
                  at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:119)
                  at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
                  ... 24 more
  Caused by:
  java.rmi.RemoteException: Service call exception; nested exception is:
                  java.net.SocketTimeoutException: Read timed out
                  at com.virsa.ae.service.sap.ws53.Config1BindingStub.execRiskAnalysis(Config1BindingStub.java:90)
                  at com.virsa.ae.service.sap.ws53.Config1BindingStub.execRiskAnalysis(Config1BindingStub.java:99)
                  at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.getViolations(RiskAnalysisWS53DAO.java:311)
                  ... 28 more
  Caused by:
  java.net.SocketTimeoutException: Read timed out
                  at java.net.SocketInputStream.socketRead0(Native Method)
                  at java.net.SocketInputStream.read(SocketInputStream.java:153)
                  at java.io.BufferedInputStream.fill(BufferedInputStream.java:200)
                  at java.io.BufferedInputStream.read(BufferedInputStream.java:218)
                  at com.sap.engine.services.webservices.jaxm.soap.HTTPSocket.readLine(HTTPSocket.java:806)
                  at com.sap.engine.services.webservices.jaxm.soap.HTTPSocket.getInputStream(HTTPSocket.java:341)
                  at com.sap.engine.services.webservices.jaxm.soap.HTTPSocket.getResponseCode(HTTPSocket.java:250)
                  at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.HTTPTransport.getResponseCode(HTTPTransport.java:362)
                  at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.outputMessage(MimeHttpBinding.java:553)
                  at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.call(MimeHttpBinding.java:1432)
                  at com.virsa.ae.service.sap.ws53.Config1BindingStub.execRiskAnalysis(Config1BindingStub.java:83)
                  ... 30 more
  Could anyone please analyze, where it went wrong.
  Thanks a lot in advance.
  Regards,
  Gurugobinda

  We are facing this issue as well. This is seen in requests where there are a lot of conflicting roles requested, or if the user on the backend already has many SoD conflicts.
  How many risk violations did show up in the RAR simulation? Seems that above 1000 you will get performance issues in CUP risk analysis.
  We are also on SP7 and we did receive a reply from SAP that the risk violation threshold can be changed in RAR as of SP9:
  =======================================================
  From CUP 5.3 SP9 onwards, we have one parameter in RAR in
  'Configuration>Risk Analysis>Performance Tuning' which will
  enable you to set threshold violation limit for the Risk Analysis web
  service. The name of the attribute is 'Threshold Violation Limit for webservice' and default value of this attribute is 1000.
  When you perform risk analysis from CUP and the violation data count
  exceeds this limit then error message will appear.
  Setting this attribute will help tuning your performance.
  ==========================================================
  Regards,
  Stefan.

• ERM & CUP: Risk Analysis Error

  Hello everyone,
  Will someone please urgently help us with this issue?  Any suggestions are greatly appreciated!  : )
  We are on AC v5.3 SP 8.  In RAR, we are able to run a Risk Analysis both in the foreground and background across all users and roles.  However, when we try to run a Risk Analysis in ERM or CUP, we get an error saying that the "Risk Analysis Failed".  The other strange thing is that the error does occur for every role in ERM--just most of them.  Also, the ERM management dashboard reflects the correct number of roles in the SAP back-end system, but it says that there are 0 risk violations, which is incorrect.
  I have checked that the connectors into RAR successfully connect.  I have confirmed the servers.  I have re-run all of the background jobs in RAR, ERM and CUP, but nothing seems to be working.
  Is there anybody that can please help us?
  Thank you!
  Johonna

  Hello Amol,
  Thank you for your suggestions.  I have confirmed that the connectors, etc. are correct.  Here are some of the error logs u2026 any ideas?
  Thank you!
  Johonna
  95     12/15/09 12:20:51 PM     Running     Risk anaysis for role ZAU:FF_VFAT_ADMINISTRATOR failed
  95     12/15/09 12:21:21 PM     Running     Risk anaysis for role ZAU:FF_VFAT_ROLE_ADMINISTRATOR failed
  95     12/15/09 12:21:43 PM     Running     Risk anaysis for role ZAU:FF_VFAT_ROLE_CONTROLLER failed
  95     12/15/09 12:23:13 PM     Running     Risk anaysis for role ZAU:FI_AA_CLERK_AGN failed
  95     12/15/09 12:26:07 PM     Running     Risk anaysis for role ZAU:FI_AA_CLERK_GFA successful
  2009-12-15 14:36:17,889 [Thread-7999] ERROR Risk Analysis failed
  java.lang.Throwable: Risk Analysis failed at com.virsa.re.bo.impl.RiskAnalysisBO.performObjLvlRiskAnalysis(RiskAnalysisBO.java:733)
       at com.virsa.re.bo.impl.RiskAnalysisBO.performRiskAnalysis(RiskAnalysisBO.java:234)
       at com.virsa.re.backgroundjobs.RiskAnalysis.execute(RiskAnalysis.java:73)
       at com.virsa.service.backgroundjobs.BackgroundTask.run(BackgroundTask.java:53)
       at java.util.TimerThread.mainLoop(Timer.java:432)
       at java.util.TimerThread.run(Timer.java:382)
  2009-12-15 14:36:24,811 [Thread-7999] ERROR Risk Analysis failed for sytem: 'PRD'; Return Message: 'Risk Analysis failed'
  2009-12-15 14:36:24,811 [Thread-7999] ERROR com.virsa.core.service.ServiceException: Risk Analysis failed
  java.lang.Throwable: Risk Analysis failed
       at com.virsa.re.service.sap.dao.RiskAnalysisEJBDAO.getTranViolations(RiskAnalysisEJBDAO.java:331)
       at com.virsa.re.service.sap.dao.RiskAnalysisEJBDAO.getConflictingTransactions(RiskAnalysisEJBDAO.java:171)
       at com.virsa.re.service.sap.dao.RiskAnalysisEJBDAO.getConflictingTransactions(RiskAnalysisEJBDAO.java:205)
       at com.virsa.re.bo.impl.RiskAnalysisBO.performTranLvlRiskAnalysis(RiskAnalysisBO.java:483)
       at com.virsa.re.bo.impl.RiskAnalysisBO.performRiskAnalysis(RiskAnalysisBO.java:229)
       at com.virsa.re.backgroundjobs.RiskAnalysis.execute(RiskAnalysis.java:73)
       at com.virsa.service.backgroundjobs.BackgroundTask.run(BackgroundTask.java:53)
       at java.util.TimerThread.mainLoop(Timer.java:432)
       at java.util.TimerThread.run(Timer.java:382)
  2009-12-15 14:36:34,561 [Thread-7999] ERROR Risk Analysis failed for sytem: 'PRD'; Return Message: 'Risk Analysis failed'
  2009-12-15 14:36:34,561 [Thread-7999] ERROR com.virsa.core.service.ServiceException: Risk Analysis failed
  java.lang.Throwable: Risk Analysis failed
       at com.virsa.re.service.sap.dao.RiskAnalysisEJBDAO.getObjViolations(RiskAnalysisEJBDAO.java:812)
       at com.virsa.re.service.sap.dao.RiskAnalysisEJBDAO.getConflictingObjects(RiskAnalysisEJBDAO.java:596)
       at com.virsa.re.service.sap.dao.RiskAnalysisEJBDAO.getConflictingObjects(RiskAnalysisEJBDAO.java:633)
       at com.virsa.re.bo.impl.RiskAnalysisBO.performObjLvlRiskAnalysis(RiskAnalysisBO.java:693)
       at com.virsa.re.bo.impl.RiskAnalysisBO.performRiskAnalysis(RiskAnalysisBO.java:234)
       at com.virsa.re.backgroundjobs.RiskAnalysis.execute(RiskAnalysis.java:73)
       at com.virsa.service.backgroundjobs.BackgroundTask.run(BackgroundTask.java:53)
       at java.util.TimerThread.mainLoop(Timer.java:432)
       at java.util.TimerThread.run(Timer.java:382)
  2009-12-15 14:36:34,561 [Thread-7999] ERROR Risk Analysis failed
  java.lang.Throwable: Risk Analysis failed
       at com.virsa.re.bo.impl.RiskAnalysisBO.performObjLvlRiskAnalysis(RiskAnalysisBO.java:733)
       at com.virsa.re.bo.impl.RiskAnalysisBO.performRiskAnalysis(RiskAnalysisBO.java:234)
       at com.virsa.re.backgroundjobs.RiskAnalysis.execute(RiskAnalysis.java:73)
       at com.virsa.service.backgroundjobs.BackgroundTask.run(BackgroundTask.java:53)
       at java.util.TimerThread.mainLoop(Timer.java:432)
       at java.util.TimerThread.run(Timer.java:382)
  2009-12-15 14:36:42,218 [Thread-7999] ERROR Risk Analysis failed for sytem: 'PRD'; Return Message: 'Risk Analysis failed'
  2009-12-15 14:36:42,218 [Thread-7999] ERROR com.virsa.core.service.ServiceException: Risk Analysis failed
  java.lang.Throwable: Risk Analysis failed
       at com.virsa.re.service.sap.dao.RiskAnalysisEJBDAO.getTranViolations(RiskAnalysisEJBDAO.java:331)
       at com.virsa.re.service.sap.dao.RiskAnalysisEJBDAO.getConflictingTransactions(RiskAnalysisEJBDAO.java:171)
       at com.virsa.re.service.sap.dao.RiskAnalysisEJBDAO.getConflictingTransactions(RiskAnalysisEJBDAO.java:205)
       at com.virsa.re.bo.impl.RiskAnalysisBO.performTranLvlRiskAnalysis(RiskAnalysisBO.java:483)
       at com.virsa.re.bo.impl.RiskAnalysisBO.performRiskAnalysis(RiskAnalysisBO.java:229)
       at com.virsa.re.backgroundjobs.RiskAnalysis.execute(RiskAnalysis.java:73)
       at com.virsa.service.backgroundjobs.BackgroundTask.run(BackgroundTask.java:53)
       at java.util.TimerThread.mainLoop(Timer.java:432)
       at java.util.TimerThread.run(Timer.java:382)

• GRC 5.3: CUP risk analysis VS. RAR risk analysis

  I've installed and configured RAR and CUP.  When I do a risk analysis simulation in RAR on a user for adding a role, it comes back with no conflicts.  When I go into CUP and make a new request for adding the same role to the same user, it comes back with risk violations, but it looks like they are critical actions that are being flagged.  Why is there a discrepancy, and how do I go about getting the same risks in CUP as I do in RAR?

  >
  Frank Koehntopp wrote:
  > I guess the behaviour is on purpose.
  >
  > In RAR, you can do a selective analysis on only one kind of risk. You usually only need to do that in the remediation process, where this kind of selection is helpful to track down the root cause (although I'd like to have an ALL option in RAR as well...)
  >
  > In CUP, you do want to see any kind of risk that might arise from a role assignement to a user.
  >
  > I have to say, I can not really understand why you'd want to switch off critical action or permission risks here. The user analysis in RAR and CUP serve two different purposes, hence I cannot see a bug here. If you have defined critical risks, why would you not want to see them???
  Hi Frank,
  I understand your point, but we are in the same situation as the others. We do not want to see Critical Action Risks in CUP because this is a separate process (for us) than Permission Level Risks Analysis piece. With our current structure, our Security Admins use RAR to run Permission Level Risk Analysis and mitigates appropriately. A separate compliance group uses the Critical Action reports to see who has what Critical tcodes, etc. We do not mitigate these "risks," we more or less use it as a report.
  I do not understand what you mean when you say "The user analysis in RAR and CUP serve two different purposes" - I feel it should be the same purpose, to ultimatley simulate if adding security to a user will cause SOD violations. If I have CUP configured to do Permission Level Analysis, that's all I want to be seeing in CUP.
  Let me know if I need to clarify further.

• RAR - Risk Analysis - Permission Level - V_VBAK_AAT||AUART - Error

  I have a trouble related with risk analysis at permission level, when the V_VBAK_AAT||AUART is activated in two functions of my customized GRC rule-set (VIRSA_CC_FUNCPRM) for controlling some "document types" for tcodes VA01 and VA02. When I execute this customization in RAR, the system says "No match / No conflicts" for the risks where these functions appear, however performing some queries in the back-end systems, I have realized there are more than 80 users in conflict for some of them, given the fact that they have value '*' in object/field V_VBAK_AAT||AUART.
  At a first time I thought that most probably would be related with the fact that these functions are part of risks that combine 3 and 4 functions at the same time, with OR logical activated in document types, but when I searched for the rules generated for these risks I noticed that only 34.000 rules were generated and this no overpass the limit of 45566 rules defined at RAR. Anyway, I performed some tests reducing the number of possible combinations and, basically, whenever the following line is activated, the outcome is u201Cno conflictsu201D:
  D VIRSA_CC_FUNCPRM FN15 VA01 GRC-C21 V_VBAK_AAT||AUART ZSO ZSO OR 0 null
  If this line is disabled, then, several users with conflicts are reported. As mentioned above, these users have value '*'   for object/field V_VBAK_AAT||AUART, so I do not understand why those users are not reported when the line above is activated.
  I have done the following checks, all of them correct:
  - The user/role/profile synchro has been done and all the users has been stored in table VIRSA_CC_
  - All the lines in VIRSA_CC_FUNCPRM part of my customized rule-set have been correctly inserted in the same Oracle table
  - All the combinations of rules has been created (including VA01 and VA02 with V_VBAK_AAT||AUART)
  Any suggestions?
  Thanks in advance

  I've detected the same problem for the following authorization objects:
  - F_BKPF_BLA||BRGRU
  - V_VBRK_FKA||FKART
  - M_MSEG_BWE||WERKS
  RAR reports no conflicts (at authoriztion level) when these objects are activated (of course having users with these conflicts in back-end systems)
  This problem has been proved in the installation of different customer with SAP GRC Access Control 5.3 SP12.
  Anybody else has experienced this issue????

• RAR Risk Analysis Issue in Background Mode - "Failed to Display Result"

  Hi,
  I have strange problem in RAR.
  When I run risk analysis for 20 users in background mode, the job got successful but the spool file is empty. But at the bottom of page there is a message:  "Failed to Display Result".
  The Job log is showing the following message couple of times:
  WARNING: ./virsa/bgJobSpool/19.i (No such file or directory)
  java.io.FileNotFoundException: ./virsa/bgJobSpool/19.i (No such file or directory)
       at java.io.FileInputStream.open(Native Method)
       at java.io.FileInputStream.<init>(FileInputStream.java:129)
       at java.io.FileInputStream.<init>(FileInputStream.java:89)
       at java.io.FileReader.<init>(FileReader.java:62)
  But When I try to run for few users (like 6 memebrs where selection criteria is AUDIT*) in same way, the spool details got displayed this time. But the log is showing strange error messages this time:
  Nov 15, 2010 3:53:53 PM com.virsa.cc.common.util.ExceptionUtil logError
  SEVERE: null
  java.lang.NullPointerException
       at com.virsa.cc.comp.wdp.IPublicBackendAccessInterface$IAuthForUserInputElement.wdGetObject(IPublicBackendAccessInterface.java)
       at com.sap.tc.webdynpro.progmodel.context.NodeElement.getAttributeAsText(NodeElement.java:888)
  Nov 15, 2010 3:53:55 PM com.virsa.cc.dataextractor.bo.DataExtractorSAP getObjPermissions
  FINEST: getObjPermissions: elapsed time=1436ms
  Nov 15, 2010 3:53:55 PM com.virsa.cc.common.message.util.MessagingHelper getMessage
  INFO:
  ********msg: 'com.virsa.cc.common.message.dao.dto.MessageDTO@34d834d8'
  Any ideas please?

  Hi Alpesh,
  You are correct. The issue is due to multi node environment.
  But when I tried to define a custom spool folder path: usr/sap/<SID>/<Instance No>/log/virsa/bgJobSpool (in RAR - Miscellaneous - spool files location for background jobs) & run the risk analysis report in background mode, still RAR is saving the spool files in default location only.
  Can you suggest me if I am wrongly defining the location of folder?
  Should we define the complete location of the folder i.e starting with drive letter or path starting with user/* is sufficient?
  Regards,
  Dasarad

• Risk Analysis Error

  Hello All,
  Does anyone got this error while runing risk analysis on business owner stage ( where runing risk analysis is mandotory).
  "Risk Analysis filed: Exception voilation exceeds the treshhold limit : THERESOLD : 1000DETAIL:17275:SUMM 1354:MGMT:3
  THANKS MUCH IN ADVANCE

  Hi,
  Go to RAR->Configuration(tab)->Risk Analysis->Performance Tuning and change the value of "Web service violation limit " accordingly.
  As mentioned in the parameter desc- if set this value  to 0 (zero) then there is no upper or lower limit.
  I did the same to avoid any limitation on the error count.
  Regards,

• Full Batch Risk Analysis Error

  We just upgraded to SP13.  I got the following error when I scheduled the Full Batch Risk Analysis.  Please help:
  Oct 9, 2010 3:10:21 PM com.virsa.cc.common.util.ExceptionUtil logError
  SEVERE: null
  java.lang.NullPointerException
       at com.virsa.cc.comp.wdp.IPublicBackendAccessInterface$IAuthForUserInputElement.wdGetObject(IPublicBackendAccessInterface.java)
       at com.sap.tc.webdynpro.progmodel.context.NodeElement.getAttributeAsText(NodeElement.java:888)
       at com.virsa.cc.comp.BackendAccessInterface.execBAPI(BackendAccessInterface.java:401)
       at com.virsa.cc.comp.BackendAccessInterface.executeBAPI(BackendAccessInterface.java:302)
       at com.virsa.cc.comp.wdp.InternalBackendAccessInterface.executeBAPI(InternalBackendAccessInterface.java:4227)
       at com.virsa.cc.comp.wdp.InternalBackendAccessInterface$External.executeBAPI(InternalBackendAccessInterface.java:4696)
       at com.virsa.cc.dataextractor.bo.DataExtractorSAP.getObjActions(DataExtractorSAP.java:213)
       at com.virsa.cc.xsys.meng.MatchingEngine.getObjActions(MatchingEngine.java:792)
       at com.virsa.cc.xsys.meng.MatchingEngine.matchActRisks(MatchingEngine.java:121)
       at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.performActPermAnalysis(AnalysisEngine.java:1367)
       at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.riskAnalysis(AnalysisEngine.java:315)
       at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchRiskAnalysis(BatchRiskAnalysis.java:1055)
       at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchSyncAndAnalysis(BatchRiskAnalysis.java:1347)
       at com.virsa.cc.xsys.bg.BgJob.runJob(BgJob.java:559)
       at com.virsa.cc.xsys.bg.BgJob.run(BgJob.java:362)
       at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.scheduleJob(AnalysisDaemonBgJob.java:334)
       at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.start(AnalysisDaemonBgJob.java:86)
       at com.virsa.cc.comp.BgJobInvokerView.wdDoModifyView(BgJobInvokerView.java:444)
       at com.virsa.cc.comp.wdp.InternalBgJobInvokerView.wdDoModifyView(InternalBgJobInvokerView.java:1236)
       at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.doModifyView(DelegatingView.java:78)
       at com.sap.tc.webdynpro.progmodel.view.View.modifyView(View.java:337)
       at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.doModifyView(ClientComponent.java:481)
       at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doModifyView(WindowPhaseModel.java:551)
       at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:148)
       at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
       at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
       at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:332)
       at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:741)
       at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:694)
       at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:253)
       at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
       at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
       at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:46)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(AccessController.java:219)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
  Oct 9, 2010 3:10:22 PM com.virsa.cc.xsys.meng.ObjAuthMatcher <init>
  FINEST: ObjAuthMatcher constructed: 2ms, #singles=818, #ranges=0, #super=0
  Oct 9, 2010 3:10:23 PM com.virsa.cc.common.util.ExceptionUtil logError
  SEVERE: null
  java.lang.NullPointerException
       at com.virsa.cc.comp.wdp.IPublicBackendAccessInterface$IAuthChgUserInputElement.wdGetObject(IPublicBackendAccessInterface.java)
       at com.sap.tc.webdynpro.progmodel.context.NodeElement.getAttributeAsText(NodeElement.java:888)
       at com.virsa.cc.comp.BackendAccessInterface.execBAPI(BackendAccessInterface.java:401)
       at com.virsa.cc.comp.BackendAccessInterface.executeBAPI(BackendAccessInterface.java:302)
       at com.virsa.cc.comp.wdp.InternalBackendAccessInterface.executeBAPI(InternalBackendAccessInterface.java:4227)
       at com.virsa.cc.comp.BackendAccessInterface.getAuthChangedUsers(BackendAccessInterface.java:3674)
       at com.virsa.cc.comp.BackendAccessInterface.getAuthChangedUsers(BackendAccessInterface.java:3664)
       at com.virsa.cc.comp.BackendAccessInterface.getObjDetails(BackendAccessInterface.java:1425)
       at com.virsa.cc.comp.wdp.InternalBackendAccessInterface.getObjDetails(InternalBackendAccessInterface.java:4327)
       at com.virsa.cc.comp.wdp.InternalBackendAccessInterface$External.getObjDetails(InternalBackendAccessInterface.java:4796)
       at com.virsa.cc.dataextractor.bo.DataExtractorSAP.getObjDetails(DataExtractorSAP.java:630)
       at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.getObjInfoFromSource(AnalysisEngine.java:3969)
       at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.performActPermAnalysis(AnalysisEngine.java:1709)
       at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.riskAnalysis(AnalysisEngine.java:315)
       at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchRiskAnalysis(BatchRiskAnalysis.java:1055)
       at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchSyncAndAnalysis(BatchRiskAnalysis.java:1347)
       at com.virsa.cc.xsys.bg.BgJob.runJob(BgJob.java:559)
       at com.virsa.cc.xsys.bg.BgJob.run(BgJob.java:362)
       at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.scheduleJob(AnalysisDaemonBgJob.java:334)
       at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.start(AnalysisDaemonBgJob.java:86)
       at com.virsa.cc.comp.BgJobInvokerView.wdDoModifyView(BgJobInvokerView.java:444)
       at com.virsa.cc.comp.wdp.InternalBgJobInvokerView.wdDoModifyView(InternalBgJobInvokerView.java:1236)
       at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.doModifyView(DelegatingView.java:78)
       at com.sap.tc.webdynpro.progmodel.view.View.modifyView(View.java:337)
       at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.doModifyView(ClientComponent.java:481)
       at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doModifyView(WindowPhaseModel.java:551)
       at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:148)
       at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
       at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
       at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:332)
       at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:741)
       at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:694)
       at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:253)
       at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
       at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
       at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:46)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(AccessController.java:219)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
  Oct 9, 2010 3:10:23 PM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis
  INFO:  Job ID:157 : Analysis done: 82547 elapsed time: 1760 ms

  rather than JCO, try running analysis with direct connection.
  in RAR you have option to give details of system.
  use that and if issue is resolved, then it means some problem with JCO connection.
  if issue is still not resolved, then please create OSS message.
  regards,
  Surpreet

• Risk Analysis error in AE

  Hi all,
  I am getting the following error message when trying to run a risk analysis in AE, which seems to be different from the error messages that others have posted in this forum.
  Risk analysis failed: Exception in getting the results from the web service : Service call exception; nested exception is: java.lang.Exception: Incorrect content-type found 'text/html'
  Any help on this is appreciated.
  Thanks!
  Erin

  Thank you - although my error message was different from others, the problem was the same - my naming convention for connectors in CC and AE were different, and the systems could not communicate.
  I found this post very helpful in solving the problem:
  Governance, Risk and Compliance (SAP GRC)
  Thanks!
  Erin

• Risk Analysis Error - Access Enforcer

  Hi Experts,
  I am getting error while running risk analysis in Access Enforcer and the error is
  <b>Risk analysis failed: Exception in getting the results from the web service : Service call exception; nested exception is: java.lang.Exception: Incorrect content-type found 'text/html'
  </b>
  We are using seperate RFC IDs for Access Enforcer connector and Comlaince Calibrator connector.
  Please help me.
  Thanks&Regards,
  Vijay

  Reddy,
  The user must indeed be created in the UME as a Compliance Calibrator user.
  I don't know exactly which role he should be assigned, usually I indicate there my CC admin user-id and password.
  When you see it is working with that user-id, you can try to re-fine the roles.
  Some more info regarding what needs to be set in the URI in case the one I inducated in my previous answer is not working:
  "There are two selectable versions of Compliance Calibrator. If you select 5.0 Web Service, three additional fields appear (URI, UserName, and Password). For the URI field, you need to navigate to the SAP NetWeaver Web Application Server Home page > Web Services Navigator > CCRiskAnalysisService > WSDLs > Standard link of Document, where you will see a list of all web services in the server. Select the desired URI address. If you select Compliance Calibrator 4.0, there is no need to connect to a URI address."
  Karim

• AE5.2, CC5.2 Risk analysis error

  When performing a risk analysis in AE we get the following error:
  Risk analysis failed: Exception in getting the results from the web service : Service call exception; nested exception is: com.sap.engine.services.webservices.jaxrpc.exceptions.InvalidResponseCodeException: Invalid Response Code: (400) Bad Request. The requested URL was:"http://HOST:PORT/VirsaCCRiskAnalysisService/Config1?wsdl"
  In AE config --> risk analysis we have setup
  Version: 5.2 Webservice
  URL: http://host:port/VirsaCCRiskAnalysisService/Config1?wsdl
  username: admin user for CC
  any ideas??
  thanks
  Naveed

  solved it.
  I was using the correct webservice, VirsaCCRiskAnalysisService
  but the link that is required is in RPC section under the folder for this service.
  Naveed