Re: Weird behavior with new 9.x Hotfix
If it is the report, it's an issue with the report tool. These are all "Web" reports that work on the unpatched server, but not the patched. To simplify, I just created a simple report that only has the Assigned Group field. The error is triggered when a user either searches the help desk form for all tickets that are assigned to a group that starts with the letter "U", and then attempts to run the report against the results. The other way to trigger it is to override any embedded search and use the "Show Additional Filter" feature. Pulling back any Help desk tickets that have an assigned group name that starts with "U". I included the .rptdesign file for this. Luckily, BMC has actually seen this behavior already with another customer (for that customer, it is an issue with the company name that beings with "U"). On Thu, Feb 18, 2016 at 9:40 AM, Jain, Gouravwrote: > ** > > Warren This problem is occurring because some un escape character exist in > your report parameters. > > You have some un escape char value in report parameters. Provide us the > report parameters for the problematic report. > > *From:* Action Request System discussion list(ARSList) [mailto: > arslist@ARSLIST.ORG] *On Behalf Of *Warren R. Baltimore II > *Sent:* 18 February 2016 00:05 > *To:* arslist@ARSLIST.ORG > *Subject:* Re: Weird behavior with new 9.x Hotfix > > > > ** > > Yep... My thoughts also. I just got off the phone with BMC and they do > have 1 other customer on an 8.x mid tier experiencing a similar issue > (Company name this time is the trigger...also starts with "U".). > > > > On Wed, Feb 17, 2016 at 12:27 PM, LJ LongWing > wrote: > > ** > > LOLWarren, I'm sorry...but this obviously has something to do with the > Mid-Tier trying to 'escape' a group name starting with U thinking that it's > a unicode 'code' (http://unicode-table.com/en/)...no clue why that's > happening of course, but BMC will be the only ones able to fix this > particular problem. > > > > On Wed, Feb 17, 2016 at 10:14 AM, Warren R. Baltimore II < > warrenbaltim...@gmail.com> wrote: > > ** > > Oh, and this behavior happens regardless of the report type...could be Web > or AR System (we don't use the Crystal reports). > > > > On Wed, Feb 17, 2016 at 12:12 PM, Warren R. Baltimore II < > warrenbaltim...@gmail.com> wrote: > > We recently installed a hotfix on the midtier to resolve a number of > issues. In the process though, it seems to have created havoc with some of > our reporting. > > Specifics first! > > ARS 9.0.01/ITSM 9.0.01 > > Mid tier hotfix 9.0.01 201512181241 > > > > Windows 2008 r2 servers (3 app servers and 3 mid tier) > > Apache Tomcat 7.0.62 > > Java V 8u66 > > We have a group called "UFMS". > > They have a report that is designed to bring back open tickets for that > group. > > When you run the report from the report console where assigned group is > "UFMS", we receive the following error: > HTTP Status 500 - Unable to parse unicode value: fms\ > -- > > *type* Exception report > > *message* *Unable to parse unicode value: fms\* > > *description* *The server encountered an internal error that prevented it > from fulfilling this request.* > > *exception* > > org.apache.commons.lang.exception.NestableRuntimeException: Unable to parse > unicode value: fms\ > > > org.apache.commons.lang.StringEscapeUtils.unescapeJava(StringEscapeUtils.java:337) > > > org.apache.commons.lang.StringEscapeUtils.unescapeJava(StringEscapeUtils.java:287) > >com.remedy.arsys.support.Validator.URLParamHasXSSTag(Validator.java:219) > > > com.remedy.arsys.stubs.AuthenticationHelperServlet.setupEnv(AuthenticationHelperServlet.java:143) > > > com.remedy.arsys.stubs.AuthenticationHelperServlet.doRequest(AuthenticationHelperServlet.java:78) > > > com.remedy.arsys.stubs.GoatHttpServlet.postInternal(GoatHttpServlet.java:98) > >com.remedy.arsys.stubs.GoatHttpServlet.doPost(GoatHttpServlet.java:62) > >javax.servlet.http.HttpServlet.service(HttpServlet.java:650) > >javax.servlet.http.HttpServlet.service(HttpServlet.java:731) > >org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) > >com.remedy.arsys.stubs.ReportServlet.doRequest(ReportServlet.java:80) > > > com.remedy.arsys.stubs.GoatHttpServlet.postInternal(GoatHttpServlet.java:98) > >com.remedy.arsys.stubs.GoatHttpServlet.doPost(GoatHttpServlet.java:62) > >javax.servlet.http.HttpServlet.service(HttpServlet.java:650) > >javax.servlet.http.HttpServlet.service(HttpServlet.java:731) > >org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) > >com.remedy.arsys.stubs.TenancyFilter.doFilter(TenancyFilter.java:49) > > *root cause* > > java.lang.NumberFormatException: For input string: "fms\" > > > java.lang.NumberFormatException.forInputString(NumberFormatException.java:65) > >java.lang.Integer.parseInt(Integer.java:580) > > >
Re: Weird behavior with new 9.x Hotfix
Warren This problem is occurring because some un escape character exist in your report parameters. You have some un escape char value in report parameters. Provide us the report parameters for the problematic report. From: Action Request System discussion list(ARSList) [mailto:arslist@ARSLIST.ORG] On Behalf Of Warren R. Baltimore II Sent: 18 February 2016 00:05 To: arslist@ARSLIST.ORG Subject: Re: Weird behavior with new 9.x Hotfix ** Yep... My thoughts also. I just got off the phone with BMC and they do have 1 other customer on an 8.x mid tier experiencing a similar issue (Company name this time is the trigger...also starts with "U".). On Wed, Feb 17, 2016 at 12:27 PM, LJ LongWing> wrote: ** LOLWarren, I'm sorry...but this obviously has something to do with the Mid-Tier trying to 'escape' a group name starting with U thinking that it's a unicode 'code' (http://unicode-table.com/en/)...no clue why that's happening of course, but BMC will be the only ones able to fix this particular problem. On Wed, Feb 17, 2016 at 10:14 AM, Warren R. Baltimore II > wrote: ** Oh, and this behavior happens regardless of the report type...could be Web or AR System (we don't use the Crystal reports). On Wed, Feb 17, 2016 at 12:12 PM, Warren R. Baltimore II > wrote: We recently installed a hotfix on the midtier to resolve a number of issues. In the process though, it seems to have created havoc with some of our reporting. Specifics first! ARS 9.0.01/ITSM 9.0.01 Mid tier hotfix 9.0.01 201512181241 Windows 2008 r2 servers (3 app servers and 3 mid tier) Apache Tomcat 7.0.62 Java V 8u66 We have a group called "UFMS". They have a report that is designed to bring back open tickets for that group. When you run the report from the report console where assigned group is "UFMS", we receive the following error: HTTP Status 500 - Unable to parse unicode value: fms\ type Exception report message Unable to parse unicode value: fms\ description The server encountered an internal error that prevented it from fulfilling this request. exception org.apache.commons.lang.exception.NestableRuntimeException: Unable to parse unicode value: fms\ org.apache.commons.lang.StringEscapeUtils.unescapeJava(StringEscapeUtils.java:337) org.apache.commons.lang.StringEscapeUtils.unescapeJava(StringEscapeUtils.java:287) com.remedy.arsys.support.Validator.URLParamHasXSSTag(Validator.java:219) com.remedy.arsys.stubs.AuthenticationHelperServlet.setupEnv(AuthenticationHelperServlet.java:143) com.remedy.arsys.stubs.AuthenticationHelperServlet.doRequest(AuthenticationHelperServlet.java:78) com.remedy.arsys.stubs.GoatHttpServlet.postInternal(GoatHttpServlet.java:98) com.remedy.arsys.stubs.GoatHttpServlet.doPost(GoatHttpServlet.java:62) javax.servlet.http.HttpServlet.service(HttpServlet.java:650) javax.servlet.http.HttpServlet.service(HttpServlet.java:731) org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) com.remedy.arsys.stubs.ReportServlet.doRequest(ReportServlet.java:80) com.remedy.arsys.stubs.GoatHttpServlet.postInternal(GoatHttpServlet.java:98) com.remedy.arsys.stubs.GoatHttpServlet.doPost(GoatHttpServlet.java:62) javax.servlet.http.HttpServlet.service(HttpServlet.java:650) javax.servlet.http.HttpServlet.service(HttpServlet.java:731) org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) com.remedy.arsys.stubs.TenancyFilter.doFilter(TenancyFilter.java:49) root cause java.lang.NumberFormatException: For input string: "fms\" java.lang.NumberFormatException.forInputString(NumberFormatException.java:65) java.lang.Integer.parseInt(Integer.java:580) org.apache.commons.lang.StringEscapeUtils.unescapeJava(StringEscapeUtils.java:331) org.apache.commons.lang.StringEscapeUtils.unescapeJava(StringEscapeUtils.java:287) com.remedy.arsys.support.Validator.URLParamHasXSSTag(Validator.java:219) com.remedy.arsys.stubs.AuthenticationHelperServlet.setupEnv(AuthenticationHelperServlet.java:143) com.remedy.arsys.stubs.AuthenticationHelperServlet.doRequest(AuthenticationHelperServlet.java:78) com.remedy.arsys.stubs.GoatHttpServlet.postInternal(GoatHttpServlet.java:98) com.remedy.arsys.stubs.GoatHttpServlet.doPost(GoatHttpServlet.java:62) javax.servlet.http.HttpServlet.service(HttpServlet.java:650) javax.servlet.http.HttpServlet.service(HttpServlet.java:731) org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52) com.remedy.arsys.stubs.ReportServlet.doRequest(ReportServlet.java:80) com.remedy.arsys.stubs.GoatHttpServlet.postInternal(GoatHttpServlet.java:98) com.remedy.arsys.stubs.GoatHttpServlet.doPost(GoatHttpServlet.java:62)
Authentication Strings in WSDL as Secure Strings
Hi, We have an integration of BMC Remedy 8.1v with an home grown .Net Application through Webservices. The third party application has found Vulnerability in the WSDL and have recommended us to make the Password as an SecureString. The WSDL generates the Authentication string (Username/Password) automatically and he developers will not have any control over this. Is there any option to make these Authentication strings are SecureStrings. Regards Madhu ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"