63991 - Errors occur when SASServer1_1 (under AIX) tries to communicate with another SAS® Web Application Server in a LINUX operating environment

Problem Note 63991: Errors occur when SASServer1_1 (under AIX) tries to communicate with another SAS® Web Application Server in a LINUX operating environment

When a SAS Web Application Server that is in a LINUX operating environment tries to communicate with SASServer1_1 that is in an AIX operating environment, an error is generated in the SAS web-application log. For example, the error that is shown below is generated with SASServer1_1 under AIX and SASServer15_1 under LINUX. This error is taken from the SASDataloaderssharedservices.log file that resides in the SAS-configuration-directory/LevN/Web/Logs/SASServer15_1/ directory:

2018-03-05 15:44:02,608 [tomcat-http--17] WARN [sasdemo] com.sas.svcs.authentication.helper.PasswordRecoveryUtil - encrypted string could not be decrypted - returning string unchanged javax.crypto.BadPaddingException: Decryption error

        at sun.security.rsa.RSAPadding.unpadOAEP(RSAPadding.java:499)

        at sun.security.rsa.RSAPadding.unpad(RSAPadding.java:293)

        at com.sun.crypto.provider.RSACipher.doFinal(RSACipher.java:365)

        at com.sun.crypto.provider.RSACipher.engineDoFinal(RSACipher.java:391

        at javax.crypto.Cipher.doFinal(Cipher.java:2128)

        at com.sas.svcs.authentication.helper.PasswordRecoveryUtil.decryptString(PasswordRecoveryUtil.java:802)

        at com.sas.svcs.authentication.helper.PasswordRecoveryUtil.revealCredential(PasswordRecoveryUtil.java:757)

        at com.sas.svcs.authentication.helper.PasswordRecoveryUtil.recoverUserNameAndPassword(PasswordRecoveryUtil.java:388)

        at com.sas.svcs.authentication.helper.PasswordRecoveryUtil.recoverUserNameAndPassword(PasswordRecoveryUtil.java:282)

        at com.sas.svcs.authentication.helper.UserSessionFactory.createLocalSession(UserSessionFactory.java:442)

        at com.sas.svcs.authentication.helper.UserSessionFactory.getLocalSession(UserSessionFactory.java:235)

        at com.sas.svcs.authentication.helper.UserSessionFactory.getLocalSession(UserSessionFactory.java:292)

        at com.sas.svcs.authentication.helper.UserSessionFactory.getLocalUser(UserSessionFactory.java:312)

        at com.sas.svcs.authentication.helper.UserSessionFactory.getLocalUser(UserSessionFactory.java:301)

To resolve this issue, add the following Java virtual machine (JVM) option to the setenv.sh file that resides in SAS-configuration-directory/LevN/Web/WebAppServer/SASServer_X/bin/:

-Dcom.sas.svcs.authentication.helper.PasswordRecoveryUtil.cipherTransform=RSA/ECB/OAEPWithSHA-1AndMGF1Padding

Note: In this case,SASServerX_X specifies the SAS Web Application Server that is installed and configured on the LINUX machine.

After you add the JVM option, you need to restart SAS Web Application Server for the change to take effect.

Operating System and Release Information

Product Family	Product	System	SAS Release
Product Family	Product	System	Reported	Fixed*
SAS System	SAS Web Application Server	64-bit Enabled AIX	9.4 TS1M0	9.4 TS1M6
		64-bit Enabled Solaris	9.4 TS1M0	9.4 TS1M6
		HP-UX IPF	9.4 TS1M0	9.4 TS1M6
		Linux for x64	9.4 TS1M0	9.4 TS1M6
		Solaris for x64	9.4 TS1M0	9.4 TS1M6

* For software releases that are not yet generally available, the Fixed Release is the software release in which the problem is planned to be fixed.

Type:	Problem Note
Priority:	medium

Date Modified:	2020-05-20 09:02:20
Date Created:	2019-04-05 13:38:39

Support

Problem Note 63991: Errors occur when SASServer1_1 (under AIX) tries to communicate with another SAS® Web Application Server in a LINUX operating environment

Operating System and Release Information