and more in a single search tool across platforms. Read the announcement here. |
03/15/2024 07:24 AM
Hi,
we have a securirtysystem with Create Task Action as EntitlementsOnly. Some users receive the account as a birthright through technical rules but others can also request an account from ARS. The security system uses the REST connector for provisioning.
This was working fine with the 5.5 version but now when we're migrating to EIC 24.1 these accounts are no longer provisioned when the Add Access tasks are created by technical rules. I can see the following in application logs:
"2024-03-14T09:08:33.142+00:00","ecm","services.ArsTaskService","http-nio-8080-exec-53-8pb72","DEBUG","Found add access task for EntitlementsOnly"
"2024-03-14T09:08:33.142+00:00","ecm","services.ArsTaskService","http-nio-8080-exec-53-8pb72","ERROR","Named parameter [requestKey] value may not be null"
"2024-03-14T09:08:33.716+00:00","ecm","","null-8pb72","","java.lang.IllegalArgumentException: Named parameter [requestKey] value may not be null at com.saviynt.ecm.services.ArsTaskService.completeTasks(ArsTaskService.groovy:5867) at com.saviynt.ecm.services.ArsTaskService.completeTask(ArsTaskService.groovy:5945) at com.saviynt.ecm.services.WorkflowService$_processPendingTasks_closure307.doCall(WorkflowService.groovy:25801) at com.saviynt.ecm.services.WorkflowService.processPendingTasks(WorkflowService.groovy:25795) at com.saviynt.ecm.workflow.JbpmworkflowmanagementController$_closure148.doCall(JbpmworkflowmanagementController.groovy:10047) at grails.plugin.springsecurity.web.filter.GrailsAnonymousAuthenticationFilter.doFilter(GrailsAnonymousAuthenticationFilter.java:53) at com.saviynt.webservice.SaviyntRestAuthenticationFilter.doFilter(SaviyntRestAuthenticationFilter.groovy:159) at grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter.doFilter(MutableLogoutFilter.java:62) at grails.plugin.springsecurity.web.SecurityRequestHolderFilter.doFilter(SecurityRequestHolderFilter.java:59) at com.mrhaki.grails.plugin.xframeoptions.web.XFrameOptionsFilter.doFilterInternal(XFrameOptionsFilter.java:69) at com.brandseye.cors.CorsFilter.doFilter(CorsFilter.java:82) at java.lang.Thread.run(Thread.java:750)"
My question is that is provisioning an account from technical rules still supported in EIC when EntitlementsOnly is used for a security system?
best regards,
Sampo
03/17/2024 06:28 PM
Technical rule account creation does not works in v24.x when EntitlementsOnly is applied on security system. Please raise defect as it was working before.
03/21/2024 08:47 AM
Hi @Sampo
I have validated in other connections and it works fine. unfortunately i couldn't test it out in rest connector , can you get me more specific logs the above error doesnt seem to be the account creation issue.
Log: Add access task - 8521 is found without accountkey, validating further
You should get this log line and from there you can check it out.
Thanks
Darshan