UNABLE TO PASS THE HEADERS FOR REST API URL IN PMF WORKFLOW
(Doc ID 3038550.1)
Last updated on AUGUST 04, 2024
Applies to:
Oracle Financial Services Analytical Applications Infrastructure - Version 8.1.1 and laterInformation in this document applies to any platform.
Symptoms
Unable to pass the headers in PMF workflow and we can see the below error in the nohup.out log file.
Jul 23, 2024 10:48:46 PM org.owasp.esapi.logging.java.JavaLogLevelHandlers log
WARNING: [SECURITY FAILURE Anonymous:@unknown -> /ExampleApplication/IntrusionDetector] Invalid input: context=ValidationFramework, type(OFS_AAI_PMF_PMF_WEB_SERVICE_HEADER_PARAMETER)=[0-9]*|(null[ ]*), input={"AccessKeyId":"~~xx_DF_QRATE_ACCESSKEY~~","TimeStamp":"~~xx_DF_QRATE_AUTH_TIMESTAMP~~","Signature":"~~xxx_DF_QRATE_AUTH_SIGN~~"}
org.owasp.esapi.errors.ValidationException: ValidationFramework: Invalid input. Please conform to regex [0-9]*|(null[ ]*) with a maximum length of 128
at org.owasp.esapi.reference.validation.StringValidationRule.checkWhitelist(StringValidationRule.java:140)
at org.owasp.esapi.reference.validation.StringValidationRule.getValid(StringValidationRule.java:283)
at org.owasp.esapi.reference.DefaultValidator.getValidInput(DefaultValidator.java:284)
at org.owasp.esapi.reference.DefaultValidator.getValidInput(DefaultValidator.java:258)
at com.ofs.aai.common.security.OFSAASecurityValidator.validateInputESAPI(OFSAASecurityValidator.java:570)
at com.ofs.aai.common.security.OFSAASecurityValidator.validateJSONObject(OFSAASecurityValidator.java:265)
at com.ofs.aai.service.wf.nextgen.adapter.SecurityServicesAdapter.validateInputs(SecurityServicesAdapter.java:32)
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |