Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000031749 - RSA Identity Managerment and Governance collector failing with error: ORA-31011: XML parsing failed and ORA-19202: Error occurred in XML processing

Document created by RSA Customer Support

on Jun 14, 2016•Last modified by RSA Customer Support

on Apr 21, 2017

Version 2Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000031749
Applies To	RSA Product Set: Identity Management and Governance RSA Product/Service Type: Enterprise Software RSA Version/Condition: 6.9.1 Platform: JBoss Platform (Other): null O/S Version: N/A Product Name: RSA-0018000 Product Description: Access Certification Manager
Issue	The collector fails with the following error: ORA-31011: XML parsing failed. The Oracle alert_AVDB.log, located in /u01/app/oracle/diag/rdbms/avdb/AVDB/trace/alert_AVDB.log on hardware appliances, may also show errors that are similar to the following: ORA-31011: XML parsing failed ORA-19202: Error occurred in XML processing LPX-00210: expected '<' instead of 'M' Error at line 1 ORA-06512: at "SYS.XMLTYPE", line 0 ORA-06512: at line 1 Caused By Stack com.aveksa.sdk.collector.CollectionException
Cause	HTML or XML text is being deleted, truncated, or otherwise changed from a query, such as the Application Roles Query and App Roles for Accounts Query. A query from a version before 6.9 contains markup or scripting language. When the query is migrated into version 6.9 or higher, the scripting is being removed. It may not be removed immediately, but may be re-evaluated when the collector is changed (the change does not need to be in the query). This is caused by a new security feature in 6.9+ that can remove scripting in some situations. Limited configuration of this functionality is available for certain areas of the product (not collectors), by going to Admin > System > Security then clicking Edit and going to XSS/Scripting Security. Options are: No markup input is allowed in any text field in the user interface. Data in this state passes though a sanitizer that removes any HTML markup and scripting. (The markup is filtered out, not encoded.) This is the system’s default configuration. Sanitized HTML input is allowed in text fields. Data in this state passes through a sanitizer that removes any HTML markup not on a specific whitelist (see "Allowed Markup Input Whitelist” in the RSA IMG 6.9 Administrators Guide. The whitelist includes nothing that allows scripting. Allow any markup in particular text fields. Data is not filtered or encoded. Any HTML markup or scripting can be entered in text fields
Resolution	The query should be modified to not include any markup or scripting language. If this is not possible, any scripting commands need to comply with the whitelist guidelines in the RSA IMG 6.9 Administrator's Guide.

Attachments

Outcomes

0 Comments

Recommended Content