Risk Analysis mandatory before approvation?

Referring to this discussion: How to switch on mandatory risk analysis in Business Role Management?
I'd like to propose another scenario.
Now Risk Analysis is before profile generation and it is correct in this way.
But also Risk Analysis must be mandatory in that step (before approvation) and NOT ONLY during profile generation.
Is it possible to setup a "specific" configuration in this way?
Thanks.
Ettore

Hi Ettore,
you need to Create deterrent Methodology.in Access Control > Role Management> Define Methodology Process and Steps >
Example Methodology 1 for only steps sequence 1,3,4,5 (With Risk Analysis) and
other Methodology 2 for only steps 1,2,3,5 (Without Risk Analysis)
Now Assign those Methodology in Access Control > Role Management> Associate Methodology Process to condition Group.
Now call those condition group name from BRF+ decision table.
Thanks, Arif

Similar Messages

  • Risk Analysis Mandatory while rejecting a request

    Hi experts,
    We are using GRC 5.30  CUP SP 8
    I have made risk analysis mandatory in the final stage. This is to prompt the risk analysis message when the user is trying to approve the request without running risk analysis to check for SOD conflicts.
    However, the system promptsfor risk analysis even when I am rejecting the request. How can this be avoided?
    It is causing the request to be on an endless loop and I am unable to reject the request unless the risk analysis settting is turned off in this stage..
    Is this a bug in 5.3 or has anyone got this issue so far?
    Appreciate your response..
    Thanks
    Siri

    Hi Siri,
    As Alpesh has said this is fixed in SP10. Prior to that, the risk analysis is either on or off regardless of the decision being made at the approval stage.
    Simon

  • Risk analysis after approval in CUP

    Hi,
    Can it be possible? CUP to do automatic risk analysis after the request is approved by the role approvers.  If there are no risks, roles will get provisioned. If risks exist based on the risk ID to have the request forwarded to the risk owner where the mitigation control, monitor details are entered.
    Please provide your inputs.
    Thanks
    R R

    Not a good idea, generally.
    What you can do is have the risk analysis performed automatically on request submission. The approvers would see the risks, but you can allow them to ignore them and have a detour on the last approval step.
    This has a few quirks:
    - if your last approval is a role approver, i.e. there may be a split approval to several people, the detour is tricky.
    - if one of the approvers changes something in the request, the risk analysis is invalid.
    I would also question the general idea - usually in case of risks, one of the approvers should also take action. If all they do is approve, get them out of the way.
    Unfortunately there is no step that says "automatic risk analysis, no manual approval required". That's an enhancement I would also welcome.
    Frank.

  • AC10 - Auto risk analysis and auto mitigation

    Hi,
    I was wondering if it is possible to
    - run an automatic risk analysis at the end of an approval stage of the workflow, the same way it is possible to configure at the time of request sending?
    - automatically put a mitigating control in the request for the risks found?
      In our case, there is only one mitigating control for each risk and the assignment of the control is an unnecessary manual task to perform. The mitigation assignment will be approved in a seperate WF by the mitigation owner.
    It seems there is no out of the box solution to this, so any alternative suggestions are welcome.
    Thanks,
    Daniela

    Hi Daniela,
    If I may give my opinion, I would probably break your question down into 2 parts.
    1) Auto Risk analysis at the end of a stage - Making "Risk Analysis Mandatory" at that stage is probably the method. Unfortunately this does mean clicking one or two buttons (so not fully automated). Think AC uses this method to ensure the reviewer is aware of the conflicts caused etc.
    2) Auto Mitigation - For a business access workflow in a 'Live' situation, this is probably not a good idea,  as analysing and making the decision on whether to proceed with the request should really be performed by an actual person responsible for that stage in the work flow e.g. Role Owner or Security Lead etc. You would not want to mitigate all risks automatically (if I have understood correctly that you have a mitigation per risk ID). In theory, an automated mitigation process would mitigate all risks without discrimination.
    On a side note, there is a configuration setting under SPRO for Access controls as follows
    "Risk Analysis- Access Request : Param ID 1072 - Mitigation of critical risk required before approving the request". By enabling this configuration, you could force a mitigating control to be applied to any user requesting Critical Access.
    Hope this helps.

  • Risk Analysis not performed when using IDM WS

    Hi ,
    We are using the SAP delivered IDM WebService for submitting Access requests to CUP 5.3 SP8 Patch1.
    We have defined the properties:
    1. Perform Risk Analysis on Request Submission - YES
    2. Risk Analysis Mandatory (approval stage) - YES, When Access Changed
    3. Approve Request Despite Risks - NO
    (This setting will enable the approver to approve the access request without performing a Risk Analysis, if the initial risk analysis doesn't identify any risk with the access request. But if there are risks, the approver need to mitigate the same before he can approve it.)
    But we have found out that when submitting a request through the SAP Delivered IDM WS -'SAPGRC_AC_IDM_SUBMITREQUEST', the system DOESN'T perform RA during request submission. But when the request is submitted directly in CUP, it does.
    We've referred the Note:1168508 where it's mentioned that this issue is being fixed with SP7 Patch 1. But we are already on SP8.
    The Note says:
    "The following issues are resolved as part of Support Package 7 Patch 1:"
    and the last bullet point states that:
    "While submitting a CUP Request from web service, if the flag for Risk Analysis on submission is set not performing the Risk Analysis on submission."
    This feature was not working before and hence thought SAP has fixed it as mentioned in the Note.  Has anybody suceeeded in getting this feature working???
    Thanks & Regards,
    Anil

    Yes Dries, we have tried both and we happen to see some exceptions on request submission thru WS.
    But the request is still getting created. I've an open tkt with SAP to follow it up..I'll update once i get this fixed.
    Exception Details:
    Exception during EJB call, Ignoring and trying Webservice Call 
[EXCEPTION]
com.virsa.ae.service.ServiceException: Exception in getting the results from the EJB service : com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/w...
    Full Message Text
    Exception during EJB call, Ignoring and trying Webservice Call
     com.virsa.ae.service.ServiceException: Exception in getting the results from the EJB service : com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
    at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:294)
    at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:418)....
    at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Caused by: java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
    at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.execRiskAnalysis(RiskAnalysisEJB53DAO.java:304)
    at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:276)
    ... 44 more
    Thx,
    Anil

  • Skipping the risk analysis

    Hi All,
    I have  CUP .net version in GRC.We have a risk analysis mandatory for every request.I want to know if I can skip the risk analysis for some orders in CUP.How I can do it.
    Thanks in advance

    Yes, you can skip.
    Goto -> CUP Configuration -> Workflow -> Stage -> Addition configuration -> Risk Analysis Mandatory ->NO
    Suggest you to perform risk analysis if its part of your process..
    Rakesh

  • Issue in ERM - GRC AC 10 - Is risk analysis not mandatory

    Hi,
    We have defined our Role Methodology in 10 as Define Role - Maintain Authorizations - Analyze access risks - Derive role - approval - generation
    When we defined the role and maintained authorization data and proceeding without running risk analysis the role is moving to the next stage without stating any warning that "Risk Analysis is Mandatory". Upon click on Save & COntinue it is proceeding to further stages.
    Is there any parameter which needs to be set to throw a warning message for Risk Analysis to be run before the role is moved to next stage.
    We arleady set the paramater 3011 as YES - Conduct Risk Analysis before Role Generation.
    Thanks and Best Regards,
    Srihari.K

    Hi,
    Note the definition of the parameter 3011 as per "Maintaining Configuration Settings Guide - SAP AC 10.0":
    "Set the value to YES to automatically perform risk analysis when the user generates roles."
    This parameter applies only at generation stage.
    Cheers,
    Diego.

  • ARQ: Risk Mitigation Mandatory and Request Forward causing problem???

    Hi,
    I have a scenario where in, at a certain stage, "Risk Mitigation" is made mandatory and also "Forward Request" option is available at this stage for the same approver.
    What is happening is that, when this approver tries to approve the request without mitigating the risks, it gives error message and request can not be approved. This is fine and going as per the configuration.
    Now the same approver is trying to forward the request to some other person for some business reasons (with "WITH RETURN" check box checked and disabled). This request is reaching to the desired recipient as expected. But the problem is that, when after providing his comments (a business requirement before mitigating risks, if need be) if he tries to approve (submit) the request, application gives the same error message that: "Request can not be submitted. Mitigate Risk XYZ"!
    Due to this, request can not be submitted and sent back to main approver! I noticed that, the request still lies on the same stage and the same stage configuration is being considered for this forwardee too!
    This is keeping the request hanging as this forwadee is not authorized to mitigate the risks.
    Can any one please help me resolve this?
    Regards,
    Faisal

    Alessandro,
    Thanks for your reply.
    Now I see (as confirmed) that we have technical limitation or application design that when we forward a request, it DOES NOT change the stage (even I noticed this). So I was thinking that only we have "SUBMIT" button to send it back to the main approver.
    But as you said, this forwardee can use the same "Forward Request" option instead of "Submit" button. This looks the option here which suits the situation.
    But can you please tell me if we can do something to inform the forwardee that he must select "Forward Request" option and not Submit button?
    Because, this submit button is visible and he can click it without knowing! And then this error message of Mandatory risk analysis then appears!
    Is there any work around?
    Please advise.
    Regards,
    Faisal

  • CUP : RISK ANALYSIS FAILED for Multi systems

    Greetings,
    Risk Analysis through CUP is failing on a request containing multi system access.
    There are 2 systems requested on the same CUP request form. At the stage of Risk analysis is to be performed the risk analysis errors out as the risk analysis is performed on the entire request across both the systems, After the receiving the error when an individual system is selected the RA is performed with out any failure on both the systems independent of each other
    I have check already check the below and they seem working fine without any issue
    1. The admin passwords have been checked in both the systems (backend) as well as in the UME.
    2. The risk analysis web service works as expected and there is no failure.
    3. The connectors have the same name both in CUP & RAR no difference
    4. SAPJCO connectors are appropriately setup in the SLD for both the systems and they work when tested out.
    5. The URI is setup correct and no issue identified there.
    6. Both the systems request have the same stage/path and the custom approver determination appropriately setup
    When the approver tries to approve the request Risk analysis is setup as a mandatory task and when the RA is performed the system takes the default "ALL" and errors out, when you choose a specific system and perform you get the required results without any failure. Below is the java dump for the error.
    Please let me know if I have missed anything?
    Line: -
    2011-03-09 10:16:11,264 [SAPEngine_Application_Thread[impl:3]_28] ERROR java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
    java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.execRiskAnalysis(RiskAnalysisEJB53DAO.java:305)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:277)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:419)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.determineRisks(RiskAnalysisEJB53DAO.java:527)
         at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:103)
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1108)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:335)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    2011-03-09 10:16:11,278 [SAPEngine_Application_Thread[impl:3]_28] ERROR Exception during EJB call, Ignoring and trying Webservice Call
    com.virsa.ae.service.ServiceException: Exception in getting the results from the EJB service : com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:295)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:419)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.determineRisks(RiskAnalysisEJB53DAO.java:527)
         at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:103)
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1108)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:335)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Caused by:
    java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.execRiskAnalysis(RiskAnalysisEJB53DAO.java:305)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:277)
         ... 28 more
    2011-03-09 10:19:32,401 [SAPEngine_Application_Thread[impl:3]_28] ERROR com.virsa.ae.core.BOException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed
    com.virsa.ae.core.BOException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:199)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1108)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:335)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Caused by:
    com.virsa.ae.service.ServiceException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed
         at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.determineRisks(RiskAnalysisWS53DAO.java:587)
         at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:119)
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
         ... 24 more
    Edited by: Angara Rao on Mar 9, 2011 5:15 PM

    Greetings,
    Risk Analysis through CUP is failing on a request containing multi system access.
    There are 2 systems requested on the same CUP request form. At the stage of Risk analysis is to be performed the risk analysis errors out as the risk analysis is performed on the entire request across both the systems, After the receiving the error when an individual system is selected the RA is performed with out any failure on both the systems independent of each other
    I have check already check the below and they seem working fine without any issue
    1. The admin passwords have been checked in both the systems (backend) as well as in the UME.
    2. The risk analysis web service works as expected and there is no failure.
    3. The connectors have the same name both in CUP & RAR no difference
    4. SAPJCO connectors are appropriately setup in the SLD for both the systems and they work when tested out.
    5. The URI is setup correct and no issue identified there.
    6. Both the systems request have the same stage/path and the custom approver determination appropriately setup
    When the approver tries to approve the request Risk analysis is setup as a mandatory task and when the RA is performed the system takes the default "ALL" and errors out, when you choose a specific system and perform you get the required results without any failure. Below is the java dump for the error.
    Please let me know if I have missed anything?
    Line: -
    2011-03-09 10:16:11,264 [SAPEngine_Application_Thread[impl:3]_28] ERROR java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
    java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.execRiskAnalysis(RiskAnalysisEJB53DAO.java:305)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:277)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:419)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.determineRisks(RiskAnalysisEJB53DAO.java:527)
         at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:103)
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1108)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:335)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    2011-03-09 10:16:11,278 [SAPEngine_Application_Thread[impl:3]_28] ERROR Exception during EJB call, Ignoring and trying Webservice Call
    com.virsa.ae.service.ServiceException: Exception in getting the results from the EJB service : com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:295)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:419)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.determineRisks(RiskAnalysisEJB53DAO.java:527)
         at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:103)
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1108)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:335)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Caused by:
    java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.execRiskAnalysis(RiskAnalysisEJB53DAO.java:305)
         at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:277)
         ... 28 more
    2011-03-09 10:19:32,401 [SAPEngine_Application_Thread[impl:3]_28] ERROR com.virsa.ae.core.BOException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed
    com.virsa.ae.core.BOException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:199)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1108)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:335)
         at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
         at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(AccessController.java:219)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Caused by:
    com.virsa.ae.service.ServiceException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed
         at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.determineRisks(RiskAnalysisWS53DAO.java:587)
         at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:119)
         at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
         ... 24 more
    Edited by: Angara Rao on Mar 9, 2011 5:15 PM

  • CUP-RAR Risk Analysis error

    Hello experts,
    When an approver does risk analysis for adding a role to a user in CUP before approval, the system shows 0 risk(0 risks found), However when the role is added to the user in RAR simulation, there are Risks.
    Similarly,
    When an approver does risk analysis for a role in CUP before approval, the system shows 0 risk(0 risks found), However when the role is analysed in RAR, there are Risks.
    I have checked the Org Rules parameter in RAR (It was set to No as we are not using Org Rules).
    When I set the org rule parameter to Yes, I got exception " Risk analysis failed: EXCEPTION_FROM_THE_SERVICEInconsistency Org Rule Analysis Flag Parameter". I reset the parameter to NO.
    Many thanks,

    Hello Raghu
    Here is the note number: Note 1168120 - Risk Analysis and Remediation 5.3 Support Package (VIRCC).
    Also I would suggest going to:
    1. CUP - configuration -Risk analysis - And see if the web service link for Risk analysis is correct.
    Better would be to go to Netweaver Administration -Webdynpro console -and get the correct link.
    2. CUP -configuration - Mitigation and here also put the correct link for all four options there i.e. (Risk analysis, Mitigation etc),
    Hopefully this should solve the problem .I donu2019t think it is related to org level.
    If problem still persist, kindly paste the log.
    Best Regards
    Asheesh

  • Risk Analysis in CUP not working

    Hello Experts, we are using GRC 5.3. In CUP, I am trying to approve Role Provisioning. One of the requirements is to run Risk Analsys (as it says 'Risk Analysis is Mandatory'). When I hit the 'Risk Analysis' button, the circle keep circling but, nothing seems to happen forever (no error message either). Can you guide me in the right direction? What could be the possible situation? And, where am I better off to start troubleshooting.
    Thank you.

    Well, the problem seems to be that I am connecting from VPN. From my analysis, after I reboot the laptop, I am able to analyze risk for the first 3 or 4 requests and after that I can't do risk analysis for any more requests until I reboot my laptop. If I login to a remote server (say Virsa server), I seem to have no problem at all. i am able to continuoiusly run risk analysis for multiple requests. The problem seems to be VPN or my laptop.

  • Risk Analysis On Request Submission property config

    Hi,
    We have configured the New and Change access request to go through a Role Owner Approval in CUP. As to enable the role owners aware of the reported risks with an access request when it lands in their Inbox, we have enabled the Risk Analysis config:  'Risk Analysis On Request Submission' to Yes. This setting makes the system to perform Risk Analysis using the RA webservice on ALL requests.
    But we are not enforcing the Risk analysis and mitigation in all systems that are provisioned through GRC CUP. The property seems global and hence we are looking for a work around to bypass the RA on requests for some systems or rather a system specific setting.
    Is there any tweak available with GRC 5.3 SP08 to achieve this?
    As of now, we don't maintain the RAR rules for the systems where risk analysis is non-mandatory, but notice that the system is unnecessarily performing RA amounting to inefficient utilization of  resources.
    Any help would be greatly appreciated.
    Thanks, Anil

    Anil,
    There will be a few seconds extra for each system not included in risk analysis, but it should realize very quickly that there are no rules for that system (and that it can't even connect to pull authorizations if it is a dummy system).
    Sorry there isn't a better answer, but it's the way it is built.
    Tyler

  • Risk Analysis for 2 open request in CUP

    Hi Team,
    If in CUP i have 2 open request by same user which individually may not give any Risk but collectively may have some risk assosiated with it how do i address this real time.
    (I iunderstand that this risks can be discovered in RAR but i want to address this in CUP itself)
    Scenarios:
    1]My Manager approves the request No. 1 and before this request is closed by Security he has another request ,request No. 2 by same user.
    2]Both the request by same user are pending with Manager.
    Is it possible to discover the risks in this 2 open request by Manager or say anyone in the path?.
    How should we handle such scenarios?
    Is there any way i can set a rule for open request.( The user should not be able to create same request type if he has an open request in this category)
    Please suggest.
    best regards,
    Charukesh

    Charukesh,
    I have not seen anyone configure risk analysis based upon consolidation of two pending requests.
    It would, of course, be possible to perform a manual simulation of the addition of the two roles.
    Or, once one is approved, the second would then trigger conflicts if re-run at the point of approval but I don't think that it is possible to configure automated analysis of one request while taking into account the other one which is also still pending.
    I would suggest contacting the Customer Advisory Group of SAP to get the confirmed answer to this though.
    Simon

  • Job Error- Batch Risk Analysis (Role Full Sync)

    Hi Experts,
    I have schedule the background job for Role analysis(Full Sync), but it gives an error- status error.
    all connections are working fine and pasted the error log for your reference.
    Oct 25, 2010 11:56:36 AM com.virsa.cc.common.util.ExceptionUtil logError
    SEVERE: null
    java.lang.NullPointerException
         at com.virsa.cc.comp.wdp.IPublicBackendAccessInterface$IAuthChgRoleInputElement.wdGetObject(IPublicBackendAccessInterface.java)
         at com.sap.tc.webdynpro.progmodel.context.NodeElement.getAttributeAsText(NodeElement.java:888)
         at com.virsa.cc.comp.BackendAccessInterface.execBAPI(BackendAccessInterface.java:401)
         at com.virsa.cc.comp.BackendAccessInterface.executeBAPI(BackendAccessInterface.java:302)
         at com.virsa.cc.comp.wdp.InternalBackendAccessInterface.executeBAPI(InternalBackendAccessInterface.java:4227)
         at com.virsa.cc.comp.BackendAccessInterface.getAuthChangedRoles(BackendAccessInterface.java:3735)
         at com.virsa.cc.comp.BackendAccessInterface.getAuthChangedRoles(BackendAccessInterface.java:3724)
         at com.virsa.cc.comp.BackendAccessInterface.getObjDetails(BackendAccessInterface.java:1428)
         at com.virsa.cc.comp.wdp.InternalBackendAccessInterface.getObjDetails(InternalBackendAccessInterface.java:4327)
         at com.virsa.cc.comp.wdp.InternalBackendAccessInterface$External.getObjDetails(InternalBackendAccessInterface.java:4796)
         at com.virsa.cc.dataextractor.bo.DataExtractorSAP.getObjDetails(DataExtractorSAP.java:630)
         at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.getObjInfoFromSource(AnalysisEngine.java:4140)
         at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.performActPermAnalysis(AnalysisEngine.java:1754)
         at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.riskAnalysis(AnalysisEngine.java:317)
         at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchRiskAnalysis(BatchRiskAnalysis.java:1055)
         at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchSyncAndAnalysis(BatchRiskAnalysis.java:1366)
         at com.virsa.cc.xsys.bg.BgJob.runJob(BgJob.java:559)
         at com.virsa.cc.xsys.bg.BgJob.run(BgJob.java:362)
         at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.scheduleJob(AnalysisDaemonBgJob.java:375)
         at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.start(AnalysisDaemonBgJob.java:92)
         at com.virsa.cc.comp.BgJobInvokerView.wdDoModifyView(BgJobInvokerView.java:444)
         at com.virsa.cc.comp.wdp.InternalBgJobInvokerView.wdDoModifyView(InternalBgJobInvokerView.java:1236)
         at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.doModifyView(DelegatingView.java:78)
         at com.sap.tc.webdynpro.progmodel.view.View.modifyView(View.java:337)
         at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.doModifyView(ClientComponent.java:481)
         at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doModifyView(WindowPhaseModel.java:551)
         at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:148)
         at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
         at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
         at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:333)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:741)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:694)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:253)
         at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
         at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
         at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:46)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis
    INFO:  Job ID:23 : Analysis done: T_00035951_H_IXOSCFGS elapsed time: 666 ms
    Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.bg.BgJob setStatus
    INFO: Job ID: 23 Status: Error
    Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.bg.BgJob setStatus
    INFO: Job ID: 23 Status: Error
    Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis
    INFO: Detailed Analysis Time:
    Risk Analysis Time: Started @:Mon Oct 25 11:56:36 EDT 2010
    Rule Load Time: Started @:Mon Oct 25 11:56:36 EDT 2010
    Rule Load Time:0millisec
    Org Rule Loop Time: Started @:Mon Oct 25 11:56:36 EDT 2010
    Rule Loop Time: Started @:Mon Oct 25 11:56:36 EDT 2010
    Rule Loop Time:648millisec
    Org Rule Loop Time:649millisec
    Risk Analysis Time:686millisec
    Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.util.Lock lock
    FINEST: Lock:1004
    Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.util.Lock unlock
    FINEST: Unlock:1004
    Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.util.Lock lock
    FINEST: Lock:1004
    Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.util.Lock unlock
    FINEST: Unlock:1004
    Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine riskAnalysis
    INFO:  Job ID:23 : Exec Risk Analysis
    Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis
    INFO:  Job ID:23 : Before Rules loading,  elapsed time: 2 ms
    Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.riskanalysis.AnalysisEngine performActPermAnalysis
    INFO:  Job ID:23 : Analysis starts: T_00035952_H_PMREAD_I
    Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.util.Lock lock
    FINEST: Lock:1005
    Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.util.Lock unlock
    FINEST: Unlock:1005
    Oct 25, 2010 11:56:36 AM com.virsa.cc.common.util.ExceptionUtil logError
    SEVERE: null
    java.lang.NullPointerException
         at com.virsa.cc.comp.wdp.IPublicBackendAccessInterface$IAuthForRoleInputElement.wdGetObject(IPublicBackendAccessInterface.java)
         at com.sap.tc.webdynpro.progmodel.context.NodeElement.getAttributeAsText(NodeElement.java:888)
         at com.virsa.cc.comp.BackendAccessInterface.execBAPI(BackendAccessInterface.java:401)
         at com.virsa.cc.comp.BackendAccessInterface.executeBAPI(BackendAccessInterface.java:302)
         at com.virsa.cc.comp.wdp.InternalBackendAccessInterface.executeBAPI(InternalBackendAccessInterface.java:4227)
         at com.virsa.cc.comp.wdp.InternalBackendAccessInterface$External.executeBAPI(InternalBackendAccessInterface.java:4696)
         at com.virsa.cc.dataextractor.bo.DataExtractorSAP.getObjActions(DataExtractorSAP.java:213)
         at com.virsa.cc.dataextractor.bo.DataExtractorSAP.getObjActions(DataExtractorSAP.java:105)
         at com.virsa.cc.xsys.meng.MatchingEngine.getObjActions(MatchingEngine.java:813)
         at com.virsa.cc.xsys.meng.MatchingEngine.matchActRisks(MatchingEngine.java:121)
         at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.performActPermAnalysis(AnalysisEngine.java:1407)
         at com.virsa.cc.xsys.riskanalysis.AnalysisEngine.riskAnalysis(AnalysisEngine.java:317)
         at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchRiskAnalysis(BatchRiskAnalysis.java:1055)
         at com.virsa.cc.xsys.bg.BatchRiskAnalysis.performBatchSyncAndAnalysis(BatchRiskAnalysis.java:1366)
         at com.virsa.cc.xsys.bg.BgJob.runJob(BgJob.java:559)
         at com.virsa.cc.xsys.bg.BgJob.run(BgJob.java:362)
         at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.scheduleJob(AnalysisDaemonBgJob.java:375)
         at com.virsa.cc.xsys.riskanalysis.AnalysisDaemonBgJob.start(AnalysisDaemonBgJob.java:92)
         at com.virsa.cc.comp.BgJobInvokerView.wdDoModifyView(BgJobInvokerView.java:444)
         at com.virsa.cc.comp.wdp.InternalBgJobInvokerView.wdDoModifyView(InternalBgJobInvokerView.java:1236)
         at com.sap.tc.webdynpro.progmodel.generation.DelegatingView.doModifyView(DelegatingView.java:78)
         at com.sap.tc.webdynpro.progmodel.view.View.modifyView(View.java:337)
         at com.sap.tc.webdynpro.clientserver.cal.ClientComponent.doModifyView(ClientComponent.java:481)
         at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.doModifyView(WindowPhaseModel.java:551)
         at com.sap.tc.webdynpro.clientserver.window.WindowPhaseModel.processRequest(WindowPhaseModel.java:148)
         at com.sap.tc.webdynpro.clientserver.window.WebDynproWindow.processRequest(WebDynproWindow.java:335)
         at com.sap.tc.webdynpro.clientserver.cal.AbstractClient.executeTasks(AbstractClient.java:143)
         at com.sap.tc.webdynpro.clientserver.session.ApplicationSession.doProcessing(ApplicationSession.java:333)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessingStandalone(ClientSession.java:741)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doApplicationProcessing(ClientSession.java:694)
         at com.sap.tc.webdynpro.clientserver.session.ClientSession.doProcessing(ClientSession.java:253)
         at com.sap.tc.webdynpro.clientserver.session.RequestManager.doProcessing(RequestManager.java:149)
         at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doContent(DispatcherServlet.java:62)
         at com.sap.tc.webdynpro.serverimpl.defaultimpl.DispatcherServlet.doGet(DispatcherServlet.java:46)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Oct 25, 2010 11:56:36 AM com.virsa.cc.xsys.meng.ObjAuthMatcher <init>
    FINEST: ObjAuthMatcher constructed: 0ms, #singles=27, #ranges=0, #super=0
    Oct 25, 2010 11:56:37 AM com.virsa.cc.common.util.ExceptionUtil logError
    Kindly do the needful.
    Regards,
    Arjun.

    Hi,
    1.Please check what type of connection is configuired in RAR(Adaptive RFC or SAPJCO). Please switch the connection type to SAPJCO.
    2. Please check the daemon & daemon manager statues.
    3. Check the Job threds in daemon manager after sechudeling job.
    Regards,
    Arjun.

  • Risk Analysis Failing in ERM 5.3

    Hi All -
    I would appreciate some assistance with pin-pointing an issue that I'm having with running Risk Analysis on roles in ERM. Currently I have RAR configured with the appropriate rule set and generating the expected risk/sod conflicts for users & roles. I have also added the appropriate Web Service Info. in th Misc section under the configuration tab (url, user, pwd) for all sections associate with RAR integration.
    Now when I run a risk analysis on a particular role in RAR i get the correct conflicts however when I get the Risk Analysis stage with ERM I receive the following Error:
    Risk analysis failed; Cannot assign NULL to host variable 5. setNull() can only be used if the corresponding column is nullable. The statement is "INSERT INTO VT_RE_RSK_OBJRULES (OBJCODE, OBJDESC, OBJFLDCODE, OBJFLDDESC, VALFRMID, VALTOID, COND, RSKVIOLID) VALUES(?, ?, ?, ?, ?, ?, ?, ?)".
    I also get this error when trying to run Mass Maintenance --> Risk Analysis:
    Risk anaysis for role "XX:XXXXX" failed
    Before I was getting error: "Risk Analysis performed successfully; No Risk Found" so I referenced SAP Note 1265964 and applied all solution steps.
    Lastly here is the error log:
    2010-01-14 14:59:28,768 [SAPEngine_Application_Thread[impl:3]_31] ERROR com.virsa.re.role.actions.RiskAnalysisAction
    java.lang.Throwable: Cannot assign NULL to host variable 5. setNull() can only be used if the corresponding column is nullable. The statement is "INSERT INTO VT_RE_RSK_OBJRULES (OBJCODE, OBJDESC, OBJFLDCODE, OBJFLDDESC, VALFRMID, VALTOID, COND, RSKVIOLID)  VALUES(?, ?, ?, ?, ?, ?, ?, ?)".
         at com.virsa.re.bo.impl.RiskAnalysisBO.saveObjViolations(RiskAnalysisBO.java:906)
         at com.virsa.re.bo.impl.RiskAnalysisBO.performObjLvlRiskAnalysis(RiskAnalysisBO.java:824)
         at com.virsa.re.bo.impl.RiskAnalysisBO.performRiskAnalysisOnSystem(RiskAnalysisBO.java:214)
         at com.virsa.re.role.actions.RiskAnalysisAction.performRiskAnalysisOnMultipleRoles(RiskAnalysisAction.java:609)
         at com.virsa.re.role.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
         at com.virsa.framework.NavigationEngine.execute(NavigationEngine.java:273)
         at com.virsa.framework.servlet.VFrameworkServlet.service(VFrameworkServlet.java:230)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
         at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
         at com.virsa.framework.servlet.VFrameworkServlet.service(VFrameworkServlet.java:286)
         at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
         at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.runServlet(FilterChainImpl.java:117)
         at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.doFilter(FilterChainImpl.java:62)
         at com.virsa.comp.history.filter.HistoryFilter.doFilter(HistoryFilter.java:43)
         at com.sap.engine.services.servlets_jsp.server.runtime.FilterChainImpl.doFilter(FilterChainImpl.java:58)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:384)
         at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
         at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
         at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
         at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
         at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
         at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
         at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
         at java.security.AccessController.doPrivileged(Native Method)
         at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
         at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
    Any help would be greatly appreciate it - Thanks in Advance!

    GOing to repost

Maybe you are looking for

  • How can I turn on the mini-PCI WiFi card on Satellite 1905-S301?

    greetz! I have installed an optional mini-PCI wireless LAN card into my Toshiba Satellite 1905-s301 notebook and turned on its power switch. MS WXP Pro SP2 recognized the hardware and installed its drivers - there is no cross or question mark next to

  • I cannot access Feynman Tuva website

    For some reasons I cannot access the research.microsoft.com/Tuva website (or even any part of the MS Research website) using Safari 4. Silverlight is installed; I can visit the silverlight.net website and there everything is fine. However, for some r

  • When writing DVD always receive a random error?

    I have been using my MacBook for about a month, but as time passes things with the DVD drive get worse. At first I had problems reading, but now I can't write any DVDs, I either receive some errors during writing or at disc verification. And the disk

  • Publishing static web reports

    Hi experts!!! I need to publish static web reports...with my understanding...I guess I have to do like this...Can anyone guide  in correct way if its wrong... First design query in Query designer...then go to WAD and design your template with appropr

  • TOC Auto Collapse

    Hi, Anyone know how to change the code of the toc code to do the following: Click on Book A and it opens. Click on book B and B opens and A closes. I saw a post where you could create a button to get is to do it, is there an automatic way? Thanks for