on Jun 5, 2019Article Content
| Article Number | 000037465 |
| Applies To | RSA Product Set: Identity Governance & Lifecycle RSA Version/Condition: 7.0.2, 7.1.0, 7.1.1 |
| Issue | When testing or collecting an RSA Identity Governance & Lifecycle collector of DB Type 'Oracle', the bind fails with the following error message even if the correct credentials are used. java.sql.SQLException: ORA-01017: invalid username/password; logon denied  The /home/oracle/wildfly-8.2.0.Final/standalone/log/aveksaServer.log shows the following ERROR level log message: 05/08/2019 15:16:27.292 ERROR (Thread-6499 (HornetQ-client-global-threads-1354152125)) [com.aveksa.server.utils.NodeMessageBroker] Exception while getting test data from collector com.aveksa.server.runtime.ServerException: com.aveksa.sdk.collector.CollectionException: com.aveksa.common.DataReadException: ERROR: Could not get accounts data: . Caused by com.aveksa.common.DataReadException: ERROR: Could not get accounts data: . Caused by java.sql.SQLException: ORA-01017: invalid username/password; logon denied .. Caused by: java.sql.SQLException: ORA-01017: invalid username/password; logon denied |
| Cause | This is a known issue if the Oracle bind password contains certain special characters. RSA Identity Governance & Lifecycle currently sanitizes input in the Password dialog box of the collector to prevent potential scripting attacks. Although these characters are valid characters allowed by Oracle as part of the Oracle password, they cannot be used in the password dialog box. The list of characters currently known to cause this issue are the following.
|
| Resolution | There is no resolution to this issue at the time of writing. |
| Workaround | Avoid the use of the following characters in datastores used for collecting data.
|