Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SAV - Error while creating account - Template contains string which are not allowed \bnew\s+[a-z

Go to solution
tcorcoran
New Contributor III
New Contributor III

‎08/30/2022 01:02 PM

Hello, In our dev environment, when running the provisioning job to complete pending tasks to create new accounts and add entitlements, the following error displays in each task.

SAV - Error while creating account 6113- Template contains string which are not allowed \bnew\s+[a-zA-Z0-9_.]{1,}\s*\(

Has anyone seen this error or knows how to fix it, if you need more info let me know. Just looking for any information as we cant find anything in freshdesk.

Thank you

Labels:
0 Kudos
2 REPLIES 2

Go to solution
rushikeshvartak
All-Star
All-Star

‎08/30/2022 02:19 PM - edited ‎08/30/2022 02:29 PM

It seems your json having new keyword. 

As a part of stronger security framework for the application, you can no longer initialize objects, ie. using 'new' keyword to initialize a hashmap, list etc.

You would need to use the usual mapping format and use conditional logic via ternary operators or if-else.


Regards,
Rushikesh Vartak
If you find the response useful, kindly consider selecting Accept As Solution and clicking on the kudos button.

Go to solution
Sampo
New Contributor III
New Contributor III

‎09/09/2022 12:16 AM

Hi,

Is blocking the new keyword mentioned in release notes for any version? I haven't found any official mention of this change  so far.

We have ran into this issue in one customer env that was upgraded to 5.5 SP 3.12.6. However, it turned out that the issue was caused by a missing line in Config.groovy file and once Saviynt fixed that then the new keyword was again available in provisioning connectors. It seems to be limited to the following cases though  that are listed in Config.groovy:

allowedStringsInTemplates = [
  "new Date(",
  "new Size(",
  "new Hashmap(",
  "new Random(",
  "new java.util.Date(",
  "new java.text.SimpleDateFormat(",
  "new com.fasterxml.jackson.databind.ObjectMapper(",
  "new String(",
  "new ArrayList(",
  "new LinkedHashMap(",
  "new Integer(",
  "new groovy.json.JsonBuilder(",
  "new org.json.JSONObject(",
  "new org.joda.time.Interval(",
  "new org.joda.time.DateTime(",
  "new GroovyRuntimeException(",
  "new StringBuilder(",
  "new java.sql.Timestamp("
]

Another related issue is that since upgrading to 5.5 SP3.12 we have been unable to use any com.saviynt classes in provisioning configurations (such as com.saviynt.ecm.identitywarehouse.domain.Users). There hasn't been any mention about that in release notes either and we've raised a Freshdesk ticket about the issue, which is still pending for a resolution.

Best regards,

Sampo

 

0 Kudos
Copyright © 2024 Khoros, LLC