Purpose (problem description)
This page will help you to troubleshoot fatal error issues while running the step Run Data Flow Security Analysis - Run J2EE/.NET Data Flow Security
For more information, refer to:
- Official 8.3 Documentation - User Input Security and Application - Security Dataflow
- Error Free Logs - CMS Snapshot Analysis - Run Data Flow Security Analysis - Error Free Logs - CAST AIP 83
- Official 8.3 Documentation - User Input Security and Application - Security Dataflow
Observed in CAST AIP
Release | Yes/No |
|---|---|
| 8.3.x |  |
Observed on RDBMS
RDBMS | Yes/No |
|---|---|
| CSS4 | |
| CSS3 | |
| CSS2 | |
Step by Step scenario
- Run optional data flow security analysis
Action Plan
- There are several steps that are performed in Security Analysis, so first you will have to identify the step where the issue occurs. Following list has been created from issues that have already occurred and is not exhaustive of all steps.
- Issue occurs during verification of previously created content in LISA folder. Each J2EE/.NET execution is referring to a separate sub-folder which has an Assemblies.txt file which refers to .castil bytecode files in the same folder. DataFlowRunner.exe uses the Assemblies.txt to retrieve the list of created castil files from previous analysis steps. The relevant information messages are:
2021-10-08 07:17:49,665 [1] INFO Adding CastIL assembly folder S:\LISA\LISA\db86d52e77504e919e76ade2939b29e0\Scr985db6346c5d4002bcf0d1f9db46cb6d
2021-10-08 07:17:49,712 [1] INFO Guid storage loaded from S:\LISA\LISA\db86d52e77504e919e76ade2939b29e0\Scr985db6346c5d4002bcf0d1f9db46cb6d\BuildAgent.guids
2021-10-08 07:17:49,727 [1] INFO List of required castil files:
Several different issues can occur:- Issue occurs while searching for the Assemblies.txt like:
2021-10-25 11:12:29,015 [1] ERROR System.ApplicationException: Exception while processing user input security ---> System.IO.FileNotFoundException: Could not find file 'D:\CASTMS\Storage\LISA\6556f8a06a8d42baaa7819e145e87024\Scr677b6c2fa2f445c9935c41c4a3ce3fc3\Assemblies.txt'- Open LISA folder location and check that file exists.
- If it exists then this may indicate some rights issue
- Verify CMS installation and that you have all the expected read/write/execute errors on CMS and LISA folders.
- Launch CMS/AIP Node as administrator and perform same action. If administrator mode works then this is an access issue and you will have to contact your IT.
- If it does not exist, then according to the technology that is used:
- For .NET data flow analysis you will have to check the relevant .NET analysis log and verify any issue that occurred during the main .NET analysis. Open .NET analysis log:
- Verify that .NET analysis finished correctly and all csproj have been analyzed, following troubleshooting pages for CMS Snapshot Analysis - Run Analyzer and sections that are relevant to .NET analysis.
- Since a crash/exception in main .NET analysis can lead to partial results, and is logged as a warning specifically check CMS Snapshot Analysis - Run Analyzer - Warnings - DOTNet with extension - DotNet Analyzer
- If you find any issue, then this is a main .NET analysis issue and you will first have to resolve it. After that, run full analysis/snapshot.
- For J2EE data flow and when SecurityForJava extension is used(recommended), Assemblies.txt is created by both JEE extension and Security for Java if the file is missing. This happens during main JEE analysis. Follow below steps:
- Verify that JEE analysis finished correctly , following troubleshooting pages for CMS Snapshot Analysis - Run Analyzer and sections that are relevant to .JEE analysis.
- Since a crash/exception in main JEE analysis can lead to partial results, and is logged as a warning specifically check CMS Snapshot Analysis - Run Analyzer - Warnings - JEE with extension
- Check any issue that is logged by Security For Java extension following CMS Snapshot Analysis - Run Analyzer - Warnings - JEE with extension - Security for Java
- If you find any issue, then this is a main JEE analysis issue and you will first have to resolve it. After that, run full analysis/snapshot
- For .NET data flow analysis you will have to check the relevant .NET analysis log and verify any issue that occurred during the main .NET analysis. Open .NET analysis log:
- Issue occurs while validating the existence of castil files which list is contained in Assemblies.txt like:
2021-10-08 07:17:50,384 [1] FATAL Exception while reading Assemblies.txt. File: S:\LISA\LISA\db86d52e77504e919e76ade2939b29e0\Scr782d54de0e3f409d8651bdc02dc725f1\Batch_1985ddca.castil. Detail: System.IO.FileNotFoundException: Could not find file 'S:\LISA\LISA\db86d52e77504e919e76ade2939b29e0\Scr782d54de0e3f409d8651bdc02dc725f1\Batch_1985ddca.castil'.
File name: 'S:\LISA\LISA\db86d52e77504e919e76ade2939b29e0\Scr782d54de0e3f409d8651bdc02dc725f1\Batch_1985ddca.castil'- Open LISA folder location and check that file exists.
- If it exists then this may indicate some rights issue
- Verify CMS installation and that you have all the expected read/write/execute errors on CMS and LISA folders
- Launch CMS/AIP Node as administrator and perform same action. If administrator mode works then this is an access issue and you will have to contact your IT
- If it does not exist, then according to the technology that is used:
- For .NET data flow analysis you will have to check the relevant .NET analysis log as the castil bytecode files are created during the technology analysis. Verify any issue that occurred during the main .NET analysis. Open .NET analysis log:
- Verify that .NET analysis finished correctly and all csproj have been analyzed, following troubleshooting pages for CMS Snapshot Analysis - Run Analyzer and sections that are relevant to .NET analysis.
- Since a crash/exception in main .NET analysis can lead to partial results, and is logged as a warning specifically check CMS Snapshot Analysis - Run Analyzer - Warnings - DOTNet with extension - DotNet Analyzer and CMS Snapshot Analysis - Run Analyzer - Warnings - DOTNet with extension - DotNet Analyzer - Erreur while saving generated code
- If you find any issue, then this is a main .NET analysis issue and you will first have to resolve it. After that, run full analysis/snapshot.
- For J2EE data flow and when SecurityForJava with version >=1.6 is used(recommended), the castil bytecode files are created during Run extensions at application level when SecurityForJava extension is running:
- Follow the troubleshooting guides for CMS Snapshot Analysis - Run Extensions at Application Level, more specifically the steps to identify when SecurityForJava extension is running
- If SecurityForJva extension has been launched, follow guide CMS Snapshot Analysis - Run Extensions at Application Level - Security For Java
- For .NET data flow analysis you will have to check the relevant .NET analysis log as the castil bytecode files are created during the technology analysis. Verify any issue that occurred during the main .NET analysis. Open .NET analysis log:
- Issue occurs while searching for the Assemblies.txt like:
- Issue occurs during verification of previously created content in LISA folder. Each J2EE/.NET execution is referring to a separate sub-folder which has an Assemblies.txt file which refers to .castil bytecode files in the same folder. DataFlowRunner.exe uses the Assemblies.txt to retrieve the list of created castil files from previous analysis steps. The relevant information messages are:
- If the issue still exists contact CAST Technical Support with the following Relevant input.
Relevant input
- CAST Support Tool (CST) - alias Sherlock Export with options Export Logs and Export Databases (Management Base and Knowledge Base only)
- LISA folder
Related Pages
