Risk analysis when integrating 2 R/3 systems

Similar Messages

• Risk Analysis for Third party ERP system

  We want to perform offline risk analysis for third party ERP(SRM) system.... We have already GRC system installed with Global rule set for SAP ERP & want to have another ruleset for offline risk analysis.
  Just would like to have a confirmation for below steps & estimated time for this.
  Activities Need to be performed from Our side(Client) :-
  1) Send the RAR format for Users/Roles/Actions & Permissions.
  2) Cross Verify the format.
  3) Create the connector for stored files.
  4) Upload the files via Data Extraction utility.
  5) Generate the ruleset for SRM(third party).
  6) Schedule the various background jobs.
  Activities Need to be Performed from Third Party - HUBWOO(Owns SRM ERP system) :-
  1) Convert users/action/roles and permissions files to RAR format.
  Activities need to be Performed  from SAP :-
  1) Provide the ruleset for HUBWOO SRM system.
  Please let me know if I missed any step above & estimated time to complete from our end & did anyone has come across ruleset for HUBWOO system..?
  Thanks in Advance!!

  Thanks all for your reply,
  Alpesh, but still I have small concern here, when SAP provide the ruleset files, it also provides for Oracle, People soft & JDE ERP.
  Though these are also third party ERP's for SAP...?
  Does it mean that we can'task for ruleset for other third party ERP from SAP...? or does SAP Charge something for it..?
  Thanks

• Problem when integrating Web based system

  I want to integrate a web based system.I tried to use appintegrater, but my web system only has one page that accept URL parameters to let you login.
  So, I need to try Http system and URL iView. There is an "Authentication URL" property in http system, does that mean  I can fill in the page which accepts URL parameters, and fill the "URL Parameter for Password" and "URL Parameter for User Name". Then ,when I want to access any page through this http system, will the system login to the web system use the properties defined first?
  I've tried this method, but failed. I don't know if the method will work? If not, anybody can give some suggestion?

  Hi,
  there is no out of the box solution for a xml export. So you got 2 options.
  First :
  Use the SDK and create your own export solution, which will executed whiled printing / inserting a order.
  Second :
  Use a third party addon like coresuite, which allows you to create a batch including VB scripts. So if you press print, the batch job creates the printout and a xml file for your export to the web services.
  Perhaps your issue could also solved by using the XL-reporter, but i do not know exactly which functions the XL-reporter has.
  Regards Steffen

• AE 5.2 cross system risk analysis with CC 4.0

  Hi,
  We have an unique situation.
  We have CC 4.0 (central) set up in ECC system where the rules and risks are defined for systems such as R/3, HR and SRM
  We need AE to use this central CC system to do the risk analysis when an access request for HR or SRM is submitted in AE 5.2. Right now for a request to a HR system, risk analysis is being done in HR system where there are no rules and hence no risks are identified.
  Environment :
  CC 4.0 in  ECC 5.0 with VIRSANH RTA 520_640 Level 3 and VIRSAHR RTA 520_640 Level 2
  AE 5.2 JAVA in NW 7.0 SP level 2
  Risk analysis for Access requests to ECC system is done with out any issues and the connectors in AE are defined as well as CC 4.0 configuration for cross system is enabled.
  Please give your suggestions and also tell me if this below scenario is possible.
  Use CC 5.2 Java stand alone system and define logical/cross system to connect to multiple systems such as HR and SRM and use those specific rules to do the risk analysis.
  Thanks

  Hi RM,
  You can setup Risk Analysis inside AE Configuration.
  You can identify the level of risk analysis and specify the Compliance Calibrator version for processing risks.
  See the details from the AE Configuration Manual
  In the Select Compliance Calibrator Version pane, from the Version drop-down list, select the version of Compliance Calibrator.
  In the URI field, enter the appropriate URI address for the web services.
  In the User Name field, enter your User ID. Your User ID must have security access
  to web service.
  In the Password field, type your password.
  Select the Perform Org Rule Analysis option to perform org. rule analysis at risk
  analysis time.
  Note: There are two selectable versions of Compliance Calibrator. If you select 5.0 Web Service, three additional fields appear (URI, User Name, and Password). For the URI field, you need to navigate to the
  SAP NetWeaver Web Application Server Home page > Web Services Navigator > CCRiskAnalysisService > WSDLs > Standard link of Document, where you will see a list of all web
  services in the server. Select the desired URI address.
  If you select Compliance Calibrator 4.0, there is no need to connect to a URI address
  So the answer is YES, you can connect AE  5.2 with CC 4.0 for Risk Analysis.
  Hope this helps,
  Regards,
  Kiran Kandepalli.

• CUA and Risk Analysis

  We have installed GRC 5.3 AC and using it with CUA. Connector names are same as names in CUA.
  While doing Risk Analysis for user in Master system, it shows violations. For same user, when I do risk analysis in child system (which has same roles) it does not show any violations.
  Are we missing anything?
  Thanks,

  Thanks,
  I checked those notes but it talks about Analysis from CUP where as I'm currently looking into Risk Analysis from RAR only.
  I checked with another user-id with different roles but it shows violation in both Master and Child system. Wehre as earlier user-id still shows violation in Master system only even though roles are same in both systems.
  So, i suspect some of rules are not generated (i ran rule generation again).
  Is there any way to check/generate rules for particular system?

• Program batch risk analysis offline GRC AC 10.0

  Hello consultant:
  We have configurated GRC AC 10.0 RAR , when we executed risk analysis for Tx:NWBC  , the system run analysis(foreground or background) correctly but when we executed analysis for Tx:SPRO->Governance Risk and compliance->Access control->Batch Risk Analysis , the system run two jobs E:GRAC_SOD and GRAC_SOD but the jobs run only 1 second and finished sucesffully but the system no run analysis.
  Please could you help me?
  Thank you very much

  Please check view details in NWBC.
  or go to abap and select option and run it..
  and u can monitor the same using
  the tcode batch job for GRc monitor tcode dont remember u can check in guide.
  there it can show details.
  need tcodes and all ,please post
  Regards,
  Prasant

• Risk Analysis On Request Submission property config

  Hi,
  We have configured the New and Change access request to go through a Role Owner Approval in CUP. As to enable the role owners aware of the reported risks with an access request when it lands in their Inbox, we have enabled the Risk Analysis config:  'Risk Analysis On Request Submission' to Yes. This setting makes the system to perform Risk Analysis using the RA webservice on ALL requests.
  But we are not enforcing the Risk analysis and mitigation in all systems that are provisioned through GRC CUP. The property seems global and hence we are looking for a work around to bypass the RA on requests for some systems or rather a system specific setting.
  Is there any tweak available with GRC 5.3 SP08 to achieve this?
  As of now, we don't maintain the RAR rules for the systems where risk analysis is non-mandatory, but notice that the system is unnecessarily performing RA amounting to inefficient utilization of  resources.
  Any help would be greatly appreciated.
  Thanks, Anil

  Anil,
  There will be a few seconds extra for each system not included in risk analysis, but it should realize very quickly that there are no rules for that system (and that it can't even connect to pull authorizations if it is a dummy system).
  Sorry there isn't a better answer, but it's the way it is built.
  Tyler

• Issue in ERM - GRC AC 10 - Is risk analysis not mandatory

  Hi,
  We have defined our Role Methodology in 10 as Define Role - Maintain Authorizations - Analyze access risks - Derive role - approval - generation
  When we defined the role and maintained authorization data and proceeding without running risk analysis the role is moving to the next stage without stating any warning that "Risk Analysis is Mandatory". Upon click on Save & COntinue it is proceeding to further stages.
  Is there any parameter which needs to be set to throw a warning message for Risk Analysis to be run before the role is moved to next stage.
  We arleady set the paramater 3011 as YES - Conduct Risk Analysis before Role Generation.
  Thanks and Best Regards,
  Srihari.K

  Hi,
  Note the definition of the parameter 3011 as per "Maintaining Configuration Settings Guide - SAP AC 10.0":
  "Set the value to YES to automatically perform risk analysis when the user generates roles."
  This parameter applies only at generation stage.
  Cheers,
  Diego.

• After the risk analysis I am trying to mitigate the users with risk ID and I am getting an authorization error.

  Dear All,
  I am trying to mitigate some users and after running risk analysis when I am trying to mitigate them I am getting an error saying I am not authorized to do so.
  I have requird roles to do my activity-

  Dear Prasant,
  I am getting above error.
  I have required roles
  GRC_CONTROL_APPROVER
  GRC_RISK_OWNER
  Regards,
  Abhishek

• No result /report when weu00B4re running a risk analysis in background

  Dear forum,
  We are running several risk analysis in background (from configuration tab) and we cannot see any result
  in the column called "result". However, when we run a offline analysis (from informer tab) we can see that the column "result" is containing a file.
  Hope you can help us.
  Thanks in advance.

  Running risk analysis in background from the configuration tab does not produce a report by design.  This background job is really just performing a system maintenence activity and is not intended for report generation.  This background job preps data for performing offline analysis as well as the underlying data that supports the management reports in the informer tab (among other things).  Generally, anything in the configuration tab is system maintenance related.
  It sounds like you're attempting to perform typical analysis of end user access, not system maintenance activities.  The informer tab is what you need to be using to perform the analysis.
  Within the informer tab, whether you choose to perform online analysis or offline analysis, a report result is always generated.  In my experience, there has not been a compelling reason to use offline analysis capabilities within the informer tab.  Online analysis (real-time analysis of the SAP system rather than the offline data from the last configuration tab background risk analysis) is naturally always current, which is a plus.

• GRC 10 - Risk Analysis in legacy system

  Hi everybody,
  I have a problem with legacy connectors in GRC 10. I implemented the note 1594963. So, I created the legacy files and storage it in GRC server.
  When I run the user synch, the legacy connector only synch the first record.
  Someone can help me? Someone did implement a risk analysis for legacy systems?
  Regards,

  Hi  Claudio Ekel
  Can you share some inputs on the Legacy Risk Analysis.
  We have configured the Legacy Connector as per the note 1594963 ; Placed the files on the server & tried running Synchronization Jobs. But the data is not getting uploaded to GRC10 .
  We made sure that text files are in UTF-8 format
  Is it mandatory to load all the 11 files that are provided in the note 1594963? We have excluded the Profile related files
  Can you share a sample of Legacy file formats that you have used for the sync.
  Can you throw some light on what could be the possible issues for data not getting uplaoded to GRC10?
  Regards,
  Pavan Muthyala

• CUP : RISK ANALYSIS FAILED for Multi systems

  Greetings,
  Risk Analysis through CUP is failing on a request containing multi system access.
  There are 2 systems requested on the same CUP request form. At the stage of Risk analysis is to be performed the risk analysis errors out as the risk analysis is performed on the entire request across both the systems, After the receiving the error when an individual system is selected the RA is performed with out any failure on both the systems independent of each other
  I have check already check the below and they seem working fine without any issue
  1. The admin passwords have been checked in both the systems (backend) as well as in the UME.
  2. The risk analysis web service works as expected and there is no failure.
  3. The connectors have the same name both in CUP & RAR no difference
  4. SAPJCO connectors are appropriately setup in the SLD for both the systems and they work when tested out.
  5. The URI is setup correct and no issue identified there.
  6. Both the systems request have the same stage/path and the custom approver determination appropriately setup
  When the approver tries to approve the request Risk analysis is setup as a mandatory task and when the RA is performed the system takes the default "ALL" and errors out, when you choose a specific system and perform you get the required results without any failure. Below is the java dump for the error.
  Please let me know if I have missed anything?
  Line: -
  2011-03-09 10:16:11,264 [SAPEngine_Application_Thread[impl:3]_28] ERROR java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
  java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
       at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.execRiskAnalysis(RiskAnalysisEJB53DAO.java:305)
       at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:277)
       at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:419)
       at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.determineRisks(RiskAnalysisEJB53DAO.java:527)
       at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:103)
       at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
       at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1108)
       at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:335)
       at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
       at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(AccessController.java:219)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
  2011-03-09 10:16:11,278 [SAPEngine_Application_Thread[impl:3]_28] ERROR Exception during EJB call, Ignoring and trying Webservice Call
  com.virsa.ae.service.ServiceException: Exception in getting the results from the EJB service : com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
       at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:295)
       at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:419)
       at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.determineRisks(RiskAnalysisEJB53DAO.java:527)
       at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:103)
       at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
       at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1108)
       at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:335)
       at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
       at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(AccessController.java:219)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
  Caused by:
  java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
       at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.execRiskAnalysis(RiskAnalysisEJB53DAO.java:305)
       at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:277)
       ... 28 more
  2011-03-09 10:19:32,401 [SAPEngine_Application_Thread[impl:3]_28] ERROR com.virsa.ae.core.BOException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed
  com.virsa.ae.core.BOException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed
       at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:199)
       at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1108)
       at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:335)
       at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
       at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(AccessController.java:219)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
  Caused by:
  com.virsa.ae.service.ServiceException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed
       at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.determineRisks(RiskAnalysisWS53DAO.java:587)
       at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:119)
       at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
       ... 24 more
  Edited by: Angara Rao on Mar 9, 2011 5:15 PM

  Greetings,
  Risk Analysis through CUP is failing on a request containing multi system access.
  There are 2 systems requested on the same CUP request form. At the stage of Risk analysis is to be performed the risk analysis errors out as the risk analysis is performed on the entire request across both the systems, After the receiving the error when an individual system is selected the RA is performed with out any failure on both the systems independent of each other
  I have check already check the below and they seem working fine without any issue
  1. The admin passwords have been checked in both the systems (backend) as well as in the UME.
  2. The risk analysis web service works as expected and there is no failure.
  3. The connectors have the same name both in CUP & RAR no difference
  4. SAPJCO connectors are appropriately setup in the SLD for both the systems and they work when tested out.
  5. The URI is setup correct and no issue identified there.
  6. Both the systems request have the same stage/path and the custom approver determination appropriately setup
  When the approver tries to approve the request Risk analysis is setup as a mandatory task and when the RA is performed the system takes the default "ALL" and errors out, when you choose a specific system and perform you get the required results without any failure. Below is the java dump for the error.
  Please let me know if I have missed anything?
  Line: -
  2011-03-09 10:16:11,264 [SAPEngine_Application_Thread[impl:3]_28] ERROR java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
  java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
       at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.execRiskAnalysis(RiskAnalysisEJB53DAO.java:305)
       at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:277)
       at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:419)
       at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.determineRisks(RiskAnalysisEJB53DAO.java:527)
       at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:103)
       at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
       at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1108)
       at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:335)
       at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
       at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(AccessController.java:219)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
  2011-03-09 10:16:11,278 [SAPEngine_Application_Thread[impl:3]_28] ERROR Exception during EJB call, Ignoring and trying Webservice Call
  com.virsa.ae.service.ServiceException: Exception in getting the results from the EJB service : com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
       at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:295)
       at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:419)
       at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.determineRisks(RiskAnalysisEJB53DAO.java:527)
       at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:103)
       at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
       at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1108)
       at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:335)
       at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
       at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(AccessController.java:219)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
  Caused by:
  java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
       at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.execRiskAnalysis(RiskAnalysisEJB53DAO.java:305)
       at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:277)
       ... 28 more
  2011-03-09 10:19:32,401 [SAPEngine_Application_Thread[impl:3]_28] ERROR com.virsa.ae.core.BOException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed
  com.virsa.ae.core.BOException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed
       at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:199)
       at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doRiskAnalysis(RiskAnalysisAction.java:1108)
       at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.doAnalysis(RiskAnalysisAction.java:335)
       at com.virsa.ae.accessrequests.actions.RiskAnalysisAction.execute(RiskAnalysisAction.java:112)
       at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:295)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:431)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork(RequestDispatcherImpl.java:321)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:377)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:461)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
       at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(AccessController.java:219)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:104)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
  Caused by:
  com.virsa.ae.service.ServiceException: EXCEPTION_FROM_THE_SERVICERisk Analysis failed
       at com.virsa.ae.service.sap.RiskAnalysisWS53DAO.determineRisks(RiskAnalysisWS53DAO.java:587)
       at com.virsa.ae.service.sap.RiskAnalysis53DAO.determineRisks(RiskAnalysis53DAO.java:119)
       at com.virsa.ae.accessrequests.bo.RiskAnalysisBO.findViolations(RiskAnalysisBO.java:182)
       ... 24 more
  Edited by: Angara Rao on Mar 9, 2011 5:15 PM

• Risk Analysis not performed when using IDM WS

  Hi ,
  We are using the SAP delivered IDM WebService for submitting Access requests to CUP 5.3 SP8 Patch1.
  We have defined the properties:
  1. Perform Risk Analysis on Request Submission - YES
  2. Risk Analysis Mandatory (approval stage) - YES, When Access Changed
  3. Approve Request Despite Risks - NO
  (This setting will enable the approver to approve the access request without performing a Risk Analysis, if the initial risk analysis doesn't identify any risk with the access request. But if there are risks, the approver need to mitigate the same before he can approve it.)
  But we have found out that when submitting a request through the SAP Delivered IDM WS -'SAPGRC_AC_IDM_SUBMITREQUEST', the system DOESN'T perform RA during request submission. But when the request is submitted directly in CUP, it does.
  We've referred the Note:1168508 where it's mentioned that this issue is being fixed with SP7 Patch 1. But we are already on SP8.
  The Note says:
  "The following issues are resolved as part of Support Package 7 Patch 1:"
  and the last bullet point states that:
  "While submitting a CUP Request from web service, if the flag for Risk Analysis on submission is set not performing the Risk Analysis on submission."
  This feature was not working before and hence thought SAP has fixed it as mentioned in the Note.  Has anybody suceeeded in getting this feature working???
  Thanks & Regards,
  Anil

  Yes Dries, we have tried both and we happen to see some exceptions on request submission thru WS.
  But the request is still getting created. I've an open tkt with SAP to follow it up..I'll update once i get this fixed.
  Exception Details:
  Exception during EJB call, Ignoring and trying Webservice Call 
[EXCEPTION]
com.virsa.ae.service.ServiceException: Exception in getting the results from the EJB service : com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/w...
  Full Message Text
  Exception during EJB call, Ignoring and trying Webservice Call
   com.virsa.ae.service.ServiceException: Exception in getting the results from the EJB service : com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
  at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:294)
  at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:418)....
  at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:176)
  Caused by: java.lang.VerifyError: com/virsa/cc/xsys/ejb/RiskAnalysis.execRiskAnalysis(Lcom/virsa/cc/xsys/webservices/dto/WSRAInputParamDTO;)Lcom/virsa/cc/xsys/webservices/dto/RAResultDTO;
  at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.execRiskAnalysis(RiskAnalysisEJB53DAO.java:304)
  at com.virsa.ae.service.sap.RiskAnalysisEJB53DAO.getViolations(RiskAnalysisEJB53DAO.java:276)
  ... 44 more
  Thx,
  Anil

• Risk analysis failed: Exception from the service : Invalid System

  I'm trying to get the risk analysis performed for CUP requests.  When I'm in the process of creating a request, and I add roles to the request and then click on the risk analysis button, I get the above error.
  I checked the URI that I've included in the Risk Analysis section of the configuration and I believe it is correct:
  http://<server>:<port>/VirsaCCRiskAnalysisService/Config1?wsdl&style=document
  I've selected 5.3 web service, and I have provided a user ID that has admin rights.
  What do you think is the reason this error is being thrown?
  The error in the log is:
  2009-11-19 15:04:31,821 [SAPEngine_Application_Thread[impl:3]_39] ERROR com.virsa.ae.core.BOException: Exception from the service : Invalid System
  com.virsa.ae.core.BOException: Exception from the service : Invalid System
  Thanks,
  Santosh

  Frank,
  Thanks for your response.  I was thinking along these lines already and so I have tried to do as you suggest.  However it didn't work and the log indicated that it didn't like my connector name (even though the connector name is now the same as in RAR).
  Caused by: com.sap.tc.webdynpro.services.exceptions.WDRuntimeException: Failed to resolve JCO destination name 'SANDBOX' in the SLD. No such JCO destination is defined in the SLD.
  However, I looked at one of the online post installation checklists for CUP and I gathered that it might be necessary to have the JCo itself renamed at the backend to reflect the name used in RAR, and that should populate into my connector list within CUP (when you click on the magnifying glass).
  I'm waiting to try that out, but I'm not sure about any secondary impact of making a change to the JCo name.
  Let me know what you think about that move.
  Thanks,
  Santosh

• Risk analysis failed: ExceptionInvalid System

  Hi Gurus,
  When I am doing risk analysis in CUP for work flow request I am getting following error"Risk analysis failed: ExceptionInvalid System"
  And system log is as follows"
  011-12-18 15:52:02,729 [SAPEngine_Application_Thread[impl:3]_2] ERROR
  com.virsa.ae.service.messaging.MessageNotFoundException: Code: '9940', Locale: 'en'
  com.virsa.ae.service.messaging.MessageNotFoundException: Code: '9940', Locale: 'en'
       at com.virsa.ae.service.messaging.MessageFormatter.formatAsText
  (MessageFormatter.java:103)
       at com.virsa.ae.search.po.RequestHistoryPO.getDisplayString(RequestHistoryPO.java:112)
       at jsp_show_audit_info1323336819278._jspService
  (jsp_show_audit_info1323336819278.java:110)
       at com.sap.engine.services.servlets_jsp.server.jsp.JspBase.service(JspBase.java:112)
       at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service
  (JSPServlet.java:566)
       at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service
  (JSPServlet.java:190)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork
  (RequestDispatcherImpl.java:321)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.include
  (RequestDispatcherImpl.java:509)
       at com.sap.engine.services.servlets_jsp.server.jsp.PageContextImpl.include
  (PageContextImpl.java:163)
       at jsp_request_review1323336807965._jspService(jsp_request_review1323336807965.java:703)
       at com.sap.engine.services.servlets_jsp.server.jsp.JspBase.service(JspBase.java:112)
       at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service
  (JSPServlet.java:566)
       at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service
  (JSPServlet.java:190)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork
  (RequestDispatcherImpl.java:321)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward
  (RequestDispatcherImpl.java:377)
       at com.sap.engine.services.servlets_jsp.server.jsp.PageContextImpl.forward
  (PageContextImpl.java:199)
       at jsp_request_review_controller1323336806543._jspService
  (jsp_request_review_controller1323336806543.java:18)
       at com.sap.engine.services.servlets_jsp.server.jsp.JspBase.service(JspBase.java:112)
       at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service
  (JSPServlet.java:566)
       at com.sap.engine.services.servlets_jsp.server.servlet.JSPServlet.service
  (JSPServlet.java:190)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork
  (RequestDispatcherImpl.java:321)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward
  (RequestDispatcherImpl.java:377)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service
  (AEFrameworkServlet.java:461)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.doWork
  (RequestDispatcherImpl.java:321)
       at com.sap.engine.services.servlets_jsp.server.runtime.RequestDispatcherImpl.forward
  (RequestDispatcherImpl.java:377)
       at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service
  (AEFrameworkServlet.java:461)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet
  (HttpHandlerImpl.java:401)
       at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest
  (HttpHandlerImpl.java:266)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet
  (RequestAnalizer.java:386)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet
  (RequestAnalizer.java:364)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer
  (RequestAnalizer.java:1039)
       at com.sap.engine.services.httpserver.server.RequestAnalizer.handle
  (RequestAnalizer.java:265)
       at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
       at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
       at
  com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process
  (ApplicationSessionMessageListener.java:33)
       at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
       at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
       at java.security.AccessController.doPrivileged(Native Method)
       at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
       at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
  Thanks,
  Nayana

  Hi,
  Have you already checked this thread??
  Error on calling RAR from CUP
  Cheers,
  Diego.