Creation of an Admin Exceptions Tabular Report fails with 'ORA-01031: insufficient privileges' error in RSA Identity Governance & Lifecycle
3 years ago
Originally Published: 2015-06-08
Article Number
000059410
Applies To
RSA Product Set: RSA Identity Governance & Lifecycle 
RSA Version/Condition: All
Platform (DB): Oracle
 
Issue
When creating a default Admin Exceptions Report in RSA Identity Governance & Lifecycle (Reports > Tabular > Create Report button > Type: Error > Template: Admin Exceptions), the report preview fails with the following error in the user interface:
 
com.aveksa.server.runtime.ServerException: com.aveksa.server.db.PersistenceException: com.aveksa.server.db.PersistenceException: java.sql.SQLSyntaxErrorException: ORA-01031: insufficient privileges
ORA-06512: at "SYS.DBMS_SESSION", line 122
ORA-06512: at "AVUSER.REPORTING_PKG", line 587
ORA-06512: at line 1

The aveksaServer.log file ($AVEKSA_HOME/wildfly/standalone/log/aveksaServer.log) has the same error:
 
07/22/2020 14:49:29.679 INFO  (default task-16) [com.aveksa.server.db.persistence.PersistenceServiceProvider] executeCallableStatement giving up after hitting SQLException: ORA-01031: insufficient privileges
ORA-06512: at "SYS.DBMS_SESSION", line 122
ORA-06512: at "AVUSER.REPORTING_PKG", line 587
ORA-06512: at line 1

07/22/2020 14:49:29.687 ERROR (default task-16) [com.aveksa.server.report.Report] SQL: SELECT * FROM V_AVR_ADMIN_EXCEPTIONS WHERE 1=1
com.aveksa.server.runtime.ServerException: com.aveksa.server.db.PersistenceException: com.aveksa.server.db.PersistenceException: java.sql.SQLSyntaxErrorException: ORA-01031: insufficient privileges
ORA-06512: at "SYS.DBMS_SESSION", line 122
ORA-06512: at "AVUSER.REPORTING_PKG", line 587
ORA-06512: at line 1

        at com.aveksa.server.report.Report.fillReport(Report.java:2025)
        at com.aveksa.server.report.Report.fillReportWCleanup(Report.java:1975)
        at com.aveksa.server.report.Report.fillReportForPreview(Report.java:1709)
        at com.aveksa.server.report.Report.fillReportForPreview(Report.java:1696)
        at com.aveksa.gui.objects.report.GuiReport.getPreview(GuiReport.java:940)
        at com.aveksa.gui.pages.report.report_definition.edit.tabular.BaseEditTabularReportWizard.updatePreview(BaseEditTabularReportWizard.java:203)
        at com.aveksa.gui.pages.report.report_definition.edit.tabular.BaseEditTabularReportWizard.handlePreview(BaseEditTabularReportWizard.java:147)
        at com.aveksa.gui.pages.report.report_definition.edit.tabular.BaseEditTabularReportWizard.handleRequest(BaseEditTabularReportWizard.java:109)
        at com.aveksa.gui.pages.PageManager.forwardRequest(PageManager.java:609)
        at com.aveksa.gui.pages.PageManager.handleRequest(PageManager.java:340)
        at com.aveksa.gui.pages.PageManager.handleRequest(PageManager.java:271)
        at com.aveksa.gui.core.MainManager.handleRequest(MainManager.java:187)
        at com.aveksa.gui.core.MainManager.doGet(MainManager.java:131)
        at com.aveksa.gui.core.MainManager.doPost(MainManager.java:433)
. . .

Please refer to RSA Knowledge Base Article 000030327 -- Artifacts to gather in RSA Identity Governance & Lifecycle to find the location of the aveksaServer.log file for your specific deployment, if you are on a WildFly cluster or a non-WildFly platform. The aveksaServer.log may also be downloaded from the RSA Identity Governance & Lifecycle user interface (Admin > System > Server Nodes tab > under Logs.)
 
Cause
This issue occurs when the Oracle database does not have the AV_REPORT_CONTEXT created. The report context holds the filtering values for RSA Identity Governance & Lifecycle reports.

In the case of a local database supplied by RSA, the AV_REPORT_CONTEXT is created by default. This issue can occur if the AV_REPORT_CONTEXT has been removed. 

In the case of a remote database supplied by the customer, this issue can occur if the AV_REPORT_CONTEXT was not created as per the instructions in the RSA Identity Governance & Lifecycle Database Setup and Management Guide.
 
Resolution
The solution is the create a report context as follows:
  1. Login in to a SQL tool such as SQL*Plus or SQL Developer as user SYS and execute the following SQL command:
create or replace context AV_REPORT_CONTEXT using AVUSER.Reporting_Pkg;
  1. To verify that the report context has been created, execute the following:
select namespace from dba_context;
The output should return a namespace value of AV_REPORT_CONTEXT.

See the RSA Identity Governance & Lifecycle Database Setup and Management Guide for your version of RSA Identity Governance & Lifecycle for more information on setting up the report context.
 

Related Articles

Trending Articles

Don't see what you're looking for?