While raising a user request using one of a request form, after click on submit button the request is not getting generated displaying the below error.
Error creating the Change Request:
An issue with handling encryption was encountered
Error in aveksaServer log shows:
java.lang.IllegalStateException: An issue with handling encryption was encountered
at com.aveksa.common.crypto.EncryptionMgr.decrypt(EncryptionMgr.java:507)
at com.aveksa.gui.objects.changeRequest.GuiChangeRequest.getDecryptedPassword(GuiChangeRequest.java:112)
at com.aveksa.gui.objects.changeRequest.GuiChangeRequest.processPasswords(GuiChangeRequest.java:688)
at com.aveksa.gui.objects.changeRequest.GuiChangeRequest.submitRequest(GuiChangeRequest.java:611)
at com.aveksa.gui.objects.changeRequest.GuiChangeRequest.submitRequest(GuiChangeRequest.java:585)
at com.aveksa.gui.pages.changeRequest.edit.submit.SubmitRequestWizard.submitChangeRequest(SubmitRequestWizard.java:1796)
at com.aveksa.gui.pages.changeRequest.edit.submit.SubmitRequestWizard.submitRequest(SubmitRequestWizard.java:1708)
at com.aveksa.gui.pages.changeRequest.edit.submit.MainWizardPageData.handleSubmit(MainWizardPageData.java:202)
at com.aveksa.gui.pages.base.data.wizard.StepWizardDialogData.handleRequest(StepWizardDialogData.java:119)
at com.aveksa.gui.pages.PageManager.forwardRequest(PageManager.java:605)
at com.aveksa.gui.pages.PageManager.handleRequest(PageManager.java:340)
at com.aveksa.gui.pages.PageManager.handleRequest(PageManager.java:271)
at com.aveksa.gui.core.MainManager.handleRequest(MainManager.java:185)
at com.aveksa.gui.core.MainManager.doGet(MainManager.java:129)
at com.aveksa.gui.core.MainManager.doPost(MainManager.java:427)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:129)
at com.aveksa.gui.core.filters.LoginFilter.doFilter(LoginFilter.java:62)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at com.aveksa.gui.util.security.XSSFilter.doFilter(XSSFilter.java:20)
at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)
at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)
at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.security.handlers.AuthenticationConstraintHandler.handleRequest(AuthenticationConstraintHandler.java:53)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at io.undertow.servlet.handlers.security.ServletSecurityConstraintHandler.handleRequest(ServletSecurityConstraintHandler.java:59)
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.deployment.RewriteCorrectingHandlerWrappers$PostWrapper$1.handleRequest(RewriteCorrectingHandlerWrappers.java:71)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.deployment.RewriteCorrectingHandlerWrappers$PreWrapper$1.handleRequest(RewriteCorrectingHandlerWrappers.java:52)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)
at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)
at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)
at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)
at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)
at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
at io.undertow.servlet.api.LegacyThreadSetupActionWrapper$1.call(LegacyThreadSetupActionWrapper.java:44)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)
at io.undertow.servlet.handlers.ServletInitialHandler$1$1.run(ServletInitialHandler.java:110)
at java.security.AccessController.doPrivileged(Native Method)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:107)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:202)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:805)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: com.aveksa.common.crypto.EncryptionException: Failed to decrypt text
at com.aveksa.common.crypto.CryptoJBasedStringEncryptor.decrypt(CryptoJBasedStringEncryptor.java:213)
at com.aveksa.common.crypto.CryptoJBasedStringEncryptor.decrypt(CryptoJBasedStringEncryptor.java:30)
at com.aveksa.common.crypto.EncryptionMgr.decrypt(EncryptionMgr.java:479)
... 68 more
Caused by: java.lang.StringIndexOutOfBoundsException: String index out of range: 11
at java.lang.String.substring(String.java:1963)
at com.aveksa.common.crypto.StringEncryptor.getCryptoWrapperKeyMismatchException(StringEncryptor.java:177)
at com.aveksa.common.crypto.CryptoJBasedStringEncryptor.decrypt(CryptoJBasedStringEncryptor.java:207)
The error message "An issue with handling encryption was encountered" is discussed in this KB article.
000035110 - Functionality requiring the retrieval of encrypted passwords is failing after a database restore in RSA Identity Governance & Lifecycle
RSA Identity Governance & Lifecycle encrypts all plaintext passwords wherever they are used in the product. If you are using an imported connector, collector or workflow that uses a password access to that password is lost during the import. Try entering any passwords again and saving them so that they can be re-encrypted.
If you get this error in one place likely you will have other failures as well in other parts of the product that use passwords.