"BufferOverflowException" when attempting to authenticate to RSA Via Lifecycle and Governance console
RSA Product Set: Via Lifecycle and Governance
RSA Version/Condition: 7.0
The RSA Via Lifecycle and Governance console is unresponsive. For users attempting to authenticate, the logon screen accepts the credentials. If the credentials are incorrect, the logon screen displays again. If the correct credentials are entered, the authentication succeeds but the logon dialog does not close.
For users who have an existing session, the console is unresponsive: the menus display, but if an item is selected the console shows Loading data... indefinitely.
The /home/oracle/wildfly-8.2.0.Final/standalone/log/aveksaServer.log shows the following exception.
08/13/2016 16:31:28.406 ERROR (default task-254) [com.aveksa.gui.core.MainManager]
An AWR report may show queries associated with logon active at the time of the problem, specifically queries in the SecurityContext.csv file.
The error BufferOverflowException is a generic error that may occur any time the console is unresponsive and an existing HTTP session is unable to receive data from the server. It may be caused by issues other than the one described here. If the error occurs together with users being unable to log on with valid credentials, the following problem may be suspected.
When a user logs in (i.e., authenticates), a query is run to build a cache of the resources the user is allowed to access. A lock is put on the cache at the start of the cache building process. This prevents other user authentications from proceeding until the previous user's authentication cache building is complete. If multiple users are authenticating at the same time, they will be blocked from completing their authentication, and users with existing sessions will be blocked from accessing new menu items in the console.
Customers using a custom SecurityContext.csv file may be more prone to this problem if there are complicated queries in the file that are processed during authentication.
This issue has been resolved in RSA Via Lifecycle and Governance 7.0.0 patch P05.
A change has been made that locks the cache only for the specific user who is authenticating and allows other user sessions to continue while the authenticated user's authentication cache is being constructed.
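The difference between the single cache lock described under the cause and the per-user lock described in the resolution can be seen in the following added example, which is not RSA product code. The class, method and user names are hypothetical, and the 200 ms sleep is a constructed stand-in for a slow SecurityContext query.

```java
import java.util.Map;
import java.util.concurrent.*;
import java.util.concurrent.atomic.AtomicInteger;
import java.util.concurrent.locks.ReentrantLock;

public class LoginCacheLockDemo {
    static final AtomicInteger active = new AtomicInteger();  // cache builds running now
    static final AtomicInteger peak = new AtomicInteger();    // most builds seen at once

    // Hypothetical stand-in for the query that builds a user's resource cache at logon.
    static void buildCache(String user) throws InterruptedException {
        peak.accumulateAndGet(active.incrementAndGet(), Math::max);
        Thread.sleep(200);  // constructed delay: a slow query processed during authentication
        active.decrementAndGet();
    }

    // Before: one lock shared by every logon, so cache builds run strictly one at a time.
    static final ReentrantLock globalLock = new ReentrantLock();
    static void loginGlobal(String user) throws InterruptedException {
        globalLock.lock();
        try { buildCache(user); } finally { globalLock.unlock(); }
    }

    // After: one lock per user, so only a second logon by the same user has to wait.
    static final Map<String, ReentrantLock> userLocks = new ConcurrentHashMap<>();
    static void loginPerUser(String user) throws InterruptedException {
        ReentrantLock lock = userLocks.computeIfAbsent(user, u -> new ReentrantLock());
        lock.lock();
        try { buildCache(user); } finally { lock.unlock(); }
    }

    interface Login { void run(String user) throws InterruptedException; }

    // Logs every user on at the same time and reports peak concurrency and wall-clock time.
    static String measure(Login login, String... users) throws Exception {
        peak.set(0);
        ExecutorService pool = Executors.newFixedThreadPool(users.length);
        long start = System.nanoTime();
        for (String u : users) pool.submit(() -> { login.run(u); return null; });
        pool.shutdown();
        pool.awaitTermination(30, TimeUnit.SECONDS);
        return "peak concurrent builds=" + peak.get()
             + ", elapsed ms=" + (System.nanoTime() - start) / 1_000_000;
    }

    public static void main(String[] args) throws Exception {
        String[] users = { "alice", "bob", "carol", "dave" };  // constructed user names
        System.out.println("global lock:   " + measure(LoginCacheLockDemo::loginGlobal, users));
        System.out.println("per-user lock: " + measure(LoginCacheLockDemo::loginPerUser, users));
    }
}
```

With the shared lock the elapsed time grows with the number of simultaneous logons, which is the queueing behind the unresponsive logon dialog; with per-user locks the builds overlap and the elapsed time stays close to that of a single build.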