RSA WebSerivce "Invalid column name" when creating a change request to terminate a user in RSA Governance & Lifecycle
2 years ago
Article Number
000071914
Applies To

This is a known issue in the following versions:

  • RSA Governance & Lifecycle 7.2.x
  • RSA Governance & Lifecycle 7.5.0
  • SecurID Governance & Lifecycle 7.5.2
Issue
While trying to create a change request to terminate a user using webservice using the below form. 
<UserChange>
<Operation>Terminate</Operation>
<User>value</User>
<Parameters>
<Parameter>
<!-- Deleting/Locking/Disabling all the accounts that are mapped to the user -->
<Name>ActionOnMappedAccounts</Name>
<Value>Delete Or Lock or Disable</Value>
</Parameter>
<Parameter>
<!-- Either disable the shared account or reset the shared account password -->
<Name>ActionOnSharedAccount</Name>
<Value>Disable or Reset</Value>
</Parameter>
<Parameter>
<!-- Either disable the service account or reset the service account password -->
<Name>ActionOnServiceAccount</Name>
<Value>Disable or Reset</Value>
</Parameter>
<Parameter>
<!-- Revoke all entitlements of user -->
<Name>RevokeAllEnts</Name>
<Value>True or false</Value>
</Parameter>
</Parameters>
</UserChange>
 
The Account Id is not retrieved, and no account changes are created.
image.png

The following error message appears in the aveksaServer.log: 
01/26/2024 11:09:29.648 ERROR (default task-5) [org.hibernate.engine.jdbc.spi.SqlExceptionHelper] Invalid column name
01/26/2024 11:09:29.658 ERROR (default task-5) [com.aveksa.server.db.persistence.PersistenceServiceProvider] Error while executing the named query: get-user-account-ids-with-no-service-shared-condition with Params: {user_id=12345678}
org.hibernate.exception.GenericJDBCException: could not execute query
        at org.hibernate.exception.internal.StandardSQLExceptionConverter.convert(StandardSQLExceptionConverter.java:47)
        at org.hibernate.engine.jdbc.spi.SqlExceptionHelper.convert(SqlExceptionHelper.java:109)
        at org.hibernate.loader.Loader.doList(Loader.java:2620)
        at org.hibernate.loader.Loader.doList(Loader.java:2600)
        at org.hibernate.loader.Loader.listIgnoreQueryCache(Loader.java:2429)
        at org.hibernate.loader.Loader.list(Loader.java:2424)
        at org.hibernate.loader.custom.CustomLoader.list(CustomLoader.java:336)
        at org.hibernate.internal.SessionImpl.listCustomQuery(SessionImpl.java:1967)
        at org.hibernate.internal.AbstractSessionImpl.list(AbstractSessionImpl.java:322)
        at org.hibernate.internal.SQLQueryImpl.list(SQLQueryImpl.java:125)
  ...


 
Cause
The column alias name not does not match the column name used in hibernate queries.
Resolution
This is resolved in the following versions.  
  • RSA Governance & Lifecycle 7.2.1 P12
  • RSA Governance & Lifecycle 7.5.0 P08
  • SecurID Governance & Lifecycle 7.5.2 P04
  • RSA Governance & Lifecycle 8.0.0

Account Ids are retrieved successfully, and account changes are created as expected.

image.png

Related Articles

Trending Articles

Don't see what you're looking for?