000034049 - "BufferOverflowException" when attempting to authenticate to RSA Via Lifecycle and Governance console

Document created by RSA Customer Support Employee on Sep 21, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000034049
Applies ToRSA Product Set: Via Lifecycle and Governance 
RSA Version/Condition: 7.0
IssueThe RSA Via Lifecycle and Governance console is unresponsive.  For users attempting to authenticate, the logon screen accepts the credentials.  If the credentials are incorrect the logon screen displays again.  If the correct credentials are entered the authentication succeeds but the logon dialog does not close.

User-added image

For users who have an existing session the console is unresponsive and although the menu's display if an item is selected the console shows Loading data... indefinitely. 
User-added image

The /home/oracle/wildfly-8.2.0.Final/standalone/log/aveksaServer.log shows the following exception.

08/13/2016 16:31:28.406 ERROR (default task-254) [com.aveksa.gui.core.MainManager] 
    at java.nio.DirectByteBuffer.put(DirectByteBuffer.java:357)

An AWR report may show queries associated with logon active at the time of the problem, specifically queries in the SecurityContext.csv file. 
CauseThe error BufferOverflowException is a generic error that may occur anytime the console is unresponsive and an existing http session is unable to receive data from the server.  This may be caused by other issues than what is described here.  If the error occurs along with the inability of the users to logon with valid credentials then the following problem may be suspected.
When a user logs in (i. e., authenticates) a query is done to build a cache to hold the resources the user is allowed to access. A lock is put on the cache at the start of the cache building process.  This prevents other user authentications from proceeding until the previous users authentication cache building is complete.  If multiple users are authenticating at the same time they will be blocked from completing their authentication and users with existing sessions will be blocked from access new menu items in the console.  
Customers using a custom SecurityContext.csv file may be more prone to this problem if there are complicated queries in the file that are processed during authentication. 
ResolutionThis issue has been resolved in RSA Via Lifecyle and Governance 7.0.0 patch P05.
A change has been made that only locks the cache for the specific user that is authenticating and allows other user sessions to continue while the authenticated users authentication cache is being constructed.