Error (6632) while running a Report

Posted on February 29, 2012 at 10:08am

 I am getting this error while trying to run a report BUT couple of other reports are running fine.

Error Message:

1 - An error has occurred. Please contact your system administrator. (6632)

java.lang.Exception: 1 - An error has occurred. Please contact your system administrator. (6632)
    at com.jaspersoft.ireport.jasperserver.ws.WSClient.runReport(WSClient.java:403)
    at com.jaspersoft.ireport.jasperserver.ws.WSClient.runReport(WSClient.java:320)
    at com.jaspersoft.ireport.jasperserver.ReportRunner.run(ReportRunner.java:70)
    at org.openide.util.RequestProcessor$Task.run(RequestProcessor.java:572)
    at org.openide.util.RequestProcessor$Processor.run(RequestProcessor.java:997)

JasperReports® Server
uzair_sheikh's picture
uzair_sheikh
122
Joined: Feb 17 2012 - 4:45am
Last seen: 11 years 3 months ago

7 Answers:

Posted on February 29, 2012 at 10:23am


This error is related to SQL Injection secuirty related fix in 4.5

 

1. Please check that the report you are running does not contain the SQL query which has comments in start of query. As of 4.5, such queries will not be allowed , as they pose SQL Injection security risk

2. can u please add exact error log from the "jasperserver.log" to get the exact error message. Then we will be able to provide you the correct workaround by configuring the secuirty related properties file

3. As easy workaround, you can also go to /jasperserver-pro/WEB-INF/classes/esapi/security-config.properties file and then disable the secuirty for SQL Injection:-

security.validation.sql.on=true

 

thanks

Ramnik Kaur

Lead QA Engineer

ramnik's picture
ramnik
2729
Joined: Mar 16 2007 - 9:10am
Last seen: 16 years 2 months ago

I have removed all the comment from the sql and implemented in report and sub report.now report run successfully. Thanks a lot.
Amit Kukadiya

amit.kukadiya9 - 8 years 10 months ago

there were no comments in the query. it takes one parameter as input. it works if disable the security but we don't prefer it.

tharasavio - 6 years 3 months ago

Thank you Ramik, your help has helped me a lot.

Greetins.

carlos.pena_1 - 2 years 7 months ago
add comment
Posted on March 19, 2012 at 10:41am

Hi, I am a new user of jasper report. I am making interactive report using jasper report tool.

I am suffring from the same problem. I followed your suggession but it is not working. I am getting the same error after editing the property file security-config.properties.

I changed the value of this security.validation.sql.on from true to false.

security.validation.sql.on=false
  I am sending the log file. Please have a look.

 Please help me if anyone find the solution.

Thanks

 
 



Post Edited by ankitfrhs at 03/20/2012 14:41

Code:
2012-03-20 20:24:06,061  WARN ValidatorImpl,http-8080-5:259 - No rule for parameter [yearname]. Using default validation on input=[2012].
2012-03-20 20:24:06,064  WARN ValidatorImpl,http-8080-5:259 - No rule for parameter [monthname]. Using default validation on input=[Jan].
2012-03-20 20:24:06,921  WARN IntrusionDetector,http-8080-5:449 - [SECURITY FAILURE Anonymous:null@unknown -> /ExampleApplication/IntrusionDetector] Input exceeds maximum allowed length of 50000 by 281 characters: context=SQL_Query_Executor_context, type=ValidSQL
org.owasp.esapi.errors.ValidationException: SQL_Query_Executor_context: Invalid input. The maximum length of 50000 characters was exceeded.
	at org.owasp.esapi.reference.validation.StringValidationRule.checkLength(StringValidationRule.java:214)
	at org.owasp.esapi.reference.validation.StringValidationRule.checkLength(StringValidationRule.java:229)
	at org.owasp.esapi.reference.validation.StringValidationRule.getValid(StringValidationRule.java:281)
	at org.owasp.esapi.reference.DefaultValidator.getValidInput(DefaultValidator.java:213)
	at org.owasp.esapi.reference.DefaultValidator.getValidInput(DefaultValidator.java:185)
	at com.jaspersoft.jasperserver.api.security.validators.ValidatorImpl.validateSQL(ValidatorImpl.java:388)
	at com.jaspersoft.jasperserver.api.engine.jasperreports.util.JRTimezoneJdbcQueryExecuter.createDatasource(JRTimezoneJdbcQueryExecuter.java:166)
	at com.jaspersoft.jasperserver.api.engine.jasperreports.service.impl.EngineServiceImpl.createQueryDataSource(EngineServiceImpl.java:766)
	at com.jaspersoft.jasperserver.api.engine.jasperreports.service.impl.EngineServiceImpl.fillQueryReport(EngineServiceImpl.java:784)
	at com.jaspersoft.jasperserver.api.engine.jasperreports.service.impl.EngineServiceImpl.fillReport(EngineServiceImpl.java:733)
	at com.jaspersoft.jasperserver.api.engine.jasperreports.service.impl.EngineServiceImpl.fillReport(EngineServiceImpl.java:389)
	at com.jaspersoft.jasperserver.api.engine.jasperreports.service.impl.EngineServiceImpl.executeReport(EngineServiceImpl.java:890)
	at com.jaspersoft.jasperserver.api.engine.jasperreports.domain.impl.ReportUnitRequest.execute(ReportUnitRequest.java:57)
	at com.jaspersoft.jasperserver.api.engine.jasperreports.service.impl.EngineServiceImpl.execute(EngineServiceImpl.java:320)
	at com.jaspersoft.jasperserver.war.action.ViewReportAction.executeReport(ViewReportAction.java:499)
	at com.jaspersoft.jasperserver.war.action.ViewReportAction.executeReport(ViewReportAction.java:489)
	at com.jaspersoft.jasperserver.war.action.ViewReportAction.runReport(ViewReportAction.java:322)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)
	at org.springframework.webflow.action.DispatchMethodInvoker.invoke(DispatchMethodInvoker.java:98)
	at org.springframework.webflow.action.MultiAction.doExecute(MultiAction.java:123)
	at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
	at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
	at org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:79)
	at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
	at org.springframework.webflow.execution.AnnotatedAction.execute(AnnotatedAction.java:145)
	at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
	at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101)
	at org.springframework.webflow.engine.State.enter(State.java:194)
	at org.springframework.webflow.engine.Transition.execute(Transition.java:227)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:391)
	at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
	at org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:119)
	at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:555)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:386)
	at org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
	at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:105)
	at org.springframework.webflow.engine.State.enter(State.java:194)
	at org.springframework.webflow.engine.Transition.execute(Transition.java:227)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:391)
	at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
	at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:560)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:386)
	at org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
	at org.springframework.webflow.engine.ViewState.handleEvent(ViewState.java:230)
	at org.springframework.webflow.engine.ViewState.resume(ViewState.java:196)
	at org.springframework.webflow.engine.Flow.resume(Flow.java:545)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.resume(FlowExecutionImpl.java:259)
	at org.springframework.webflow.executor.FlowExecutorImpl.resumeExecution(FlowExecutorImpl.java:163)
	at sun.reflect.GeneratedMethodAccessor280.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
	at org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:66)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
	at $Proxy19.resumeExecution(Unknown Source)
	at org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:183)
	at org.springframework.webflow.mvc.servlet.FlowController.handleRequest(FlowController.java:174)
	at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:875)
	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:807)
	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:571)
	at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:511)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:399)
	at com.jaspersoft.jasperserver.api.security.IPadSupportFilter.doFilter(IPadSupportFilter.java:67)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at com.jaspersoft.jasperserver.api.security.JSSwitchUserProcessingFilter.doFilterHttp(JSSwitchUserProcessingFilter.java:154)
	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at org.springframework.security.intercept.web.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)
	at org.springframework.security.intercept.web.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at org.springframework.security.ui.ExceptionTranslationFilter.doFilterHttp(ExceptionTranslationFilter.java:101)
	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at org.springframework.security.providers.anonymous.AnonymousProcessingFilter.doFilterHttp(AnonymousProcessingFilter.java:105)
	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at com.jaspersoft.jasperserver.api.metadata.user.service.impl.MetadataAuthenticationProcessingFilter.doFilter(MetadataAuthenticationProcessingFilter.java:139)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at com.jaspersoft.jasperserver.war.util.RequestParameterAuthenticationFilter.doFilter(RequestParameterAuthenticationFilter.java:97)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at org.springframework.security.ui.basicauth.BasicProcessingFilter.doFilterHttp(BasicProcessingFilter.java:174)
	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at com.jaspersoft.jasperserver.war.UserPreferencesFilter.doFilter(UserPreferencesFilter.java:184)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at org.springframework.security.ui.AbstractProcessingFilter.doFilterHttp(AbstractProcessingFilter.java:278)
	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at com.jaspersoft.jasperserver.war.UserPreferencesFilter.doFilter(UserPreferencesFilter.java:184)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at com.jaspersoft.jasperserver.api.logging.filter.BasicLoggingFilter.doFilter(BasicLoggingFilter.java:53)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at com.jaspersoft.jasperserver.api.security.JSCsrfGuardFilter.doFilter(JSCsrfGuardFilter.java:81)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at com.jaspersoft.jasperserver.api.security.WebAppSecurityFilter.doFilter(WebAppSecurityFilter.java:83)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at com.jaspersoft.jasperserver.war.MultipartRequestWrapperFilter.doFilter(MultipartRequestWrapperFilter.java:90)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235)
	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:188)
	at org.springframework.security.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:99)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.jaspersoft.jasperserver.war.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:67)
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:236)
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:558)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
	at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:859)
	at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:579)
	at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1555)
	at java.lang.Thread.run(Thread.java:619)
2012-03-20 20:24:06,937 ERROR ValidatorImpl,http-8080-5:48 - An error has occurred. Please contact your system administrator. (6632)
org.owasp.esapi.errors.ValidationException: SQL_Query_Executor_context: Invalid input. The maximum length of 50000 characters was exceeded.
	at org.owasp.esapi.reference.validation.StringValidationRule.checkLength(StringValidationRule.java:214)
	at org.owasp.esapi.reference.validation.StringValidationRule.checkLength(StringValidationRule.java:229)
	at org.owasp.esapi.reference.validation.StringValidationRule.getValid(StringValidationRule.java:281)
	at org.owasp.esapi.reference.DefaultValidator.getValidInput(DefaultValidator.java:213)
	at org.owasp.esapi.reference.DefaultValidator.getValidInput(DefaultValidator.java:185)
	at com.jaspersoft.jasperserver.api.security.validators.ValidatorImpl.validateSQL(ValidatorImpl.java:388)
	at com.jaspersoft.jasperserver.api.engine.jasperreports.util.JRTimezoneJdbcQueryExecuter.createDatasource(JRTimezoneJdbcQueryExecuter.java:166)
	at com.jaspersoft.jasperserver.api.engine.jasperreports.service.impl.EngineServiceImpl.createQueryDataSource(EngineServiceImpl.java:766)
	at com.jaspersoft.jasperserver.api.engine.jasperreports.service.impl.EngineServiceImpl.fillQueryReport(EngineServiceImpl.java:784)
	at com.jaspersoft.jasperserver.api.engine.jasperreports.service.impl.EngineServiceImpl.fillReport(EngineServiceImpl.java:733)
	at com.jaspersoft.jasperserver.api.engine.jasperreports.service.impl.EngineServiceImpl.fillReport(EngineServiceImpl.java:389)
	at com.jaspersoft.jasperserver.api.engine.jasperreports.service.impl.EngineServiceImpl.executeReport(EngineServiceImpl.java:890)
	at com.jaspersoft.jasperserver.api.engine.jasperreports.domain.impl.ReportUnitRequest.execute(ReportUnitRequest.java:57)
	at com.jaspersoft.jasperserver.api.engine.jasperreports.service.impl.EngineServiceImpl.execute(EngineServiceImpl.java:320)
	at com.jaspersoft.jasperserver.war.action.ViewReportAction.executeReport(ViewReportAction.java:499)
	at com.jaspersoft.jasperserver.war.action.ViewReportAction.executeReport(ViewReportAction.java:489)
	at com.jaspersoft.jasperserver.war.action.ViewReportAction.runReport(ViewReportAction.java:322)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)
	at org.springframework.webflow.action.DispatchMethodInvoker.invoke(DispatchMethodInvoker.java:98)
	at org.springframework.webflow.action.MultiAction.doExecute(MultiAction.java:123)
	at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
	at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
	at org.springframework.webflow.action.EvaluateAction.doExecute(EvaluateAction.java:79)
	at org.springframework.webflow.action.AbstractAction.execute(AbstractAction.java:188)
	at org.springframework.webflow.execution.AnnotatedAction.execute(AnnotatedAction.java:145)
	at org.springframework.webflow.execution.ActionExecutor.execute(ActionExecutor.java:51)
	at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:101)
	at org.springframework.webflow.engine.State.enter(State.java:194)
	at org.springframework.webflow.engine.Transition.execute(Transition.java:227)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:391)
	at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
	at org.springframework.webflow.engine.TransitionableState.handleEvent(TransitionableState.java:119)
	at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:555)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:386)
	at org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
	at org.springframework.webflow.engine.ActionState.doEnter(ActionState.java:105)
	at org.springframework.webflow.engine.State.enter(State.java:194)
	at org.springframework.webflow.engine.Transition.execute(Transition.java:227)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.execute(FlowExecutionImpl.java:391)
	at org.springframework.webflow.engine.impl.RequestControlContextImpl.execute(RequestControlContextImpl.java:214)
	at org.springframework.webflow.engine.Flow.handleEvent(Flow.java:560)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.handleEvent(FlowExecutionImpl.java:386)
	at org.springframework.webflow.engine.impl.RequestControlContextImpl.handleEvent(RequestControlContextImpl.java:210)
	at org.springframework.webflow.engine.ViewState.handleEvent(ViewState.java:230)
	at org.springframework.webflow.engine.ViewState.resume(ViewState.java:196)
	at org.springframework.webflow.engine.Flow.resume(Flow.java:545)
	at org.springframework.webflow.engine.impl.FlowExecutionImpl.resume(FlowExecutionImpl.java:259)
	at org.springframework.webflow.executor.FlowExecutorImpl.resumeExecution(FlowExecutorImpl.java:163)
	at sun.reflect.GeneratedMethodAccessor280.invoke(Unknown Source)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
	at java.lang.reflect.Method.invoke(Method.java:597)
	at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:307)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
	at org.springframework.security.intercept.method.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:66)
	at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
	at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
	at $Proxy19.resumeExecution(Unknown Source)
	at org.springframework.webflow.mvc.servlet.FlowHandlerAdapter.handle(FlowHandlerAdapter.java:183)
	at org.springframework.webflow.mvc.servlet.FlowController.handleRequest(FlowController.java:174)
	at org.springframework.web.servlet.mvc.SimpleControllerHandlerAdapter.handle(SimpleControllerHandlerAdapter.java:48)
	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:875)
	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:807)
	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:571)
	at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:511)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:399)
	at com.jaspersoft.jasperserver.api.security.IPadSupportFilter.doFilter(IPadSupportFilter.java:67)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at com.jaspersoft.jasperserver.api.security.JSSwitchUserProcessingFilter.doFilterHttp(JSSwitchUserProcessingFilter.java:154)
	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at org.springframework.security.intercept.web.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)
	at org.springframework.security.intercept.web.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at org.springframework.security.ui.ExceptionTranslationFilter.doFilterHttp(ExceptionTranslationFilter.java:101)
	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at org.springframework.security.providers.anonymous.AnonymousProcessingFilter.doFilterHttp(AnonymousProcessingFilter.java:105)
	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at com.jaspersoft.jasperserver.api.metadata.user.service.impl.MetadataAuthenticationProcessingFilter.doFilter(MetadataAuthenticationProcessingFilter.java:139)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at com.jaspersoft.jasperserver.war.util.RequestParameterAuthenticationFilter.doFilter(RequestParameterAuthenticationFilter.java:97)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at org.springframework.security.ui.basicauth.BasicProcessingFilter.doFilterHttp(BasicProcessingFilter.java:174)
	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at com.jaspersoft.jasperserver.war.UserPreferencesFilter.doFilter(UserPreferencesFilter.java:184)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at org.springframework.security.ui.AbstractProcessingFilter.doFilterHttp(AbstractProcessingFilter.java:278)
	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at com.jaspersoft.jasperserver.war.UserPreferencesFilter.doFilter(UserPreferencesFilter.java:184)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at com.jaspersoft.jasperserver.api.logging.filter.BasicLoggingFilter.doFilter(BasicLoggingFilter.java:53)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at com.jaspersoft.jasperserver.api.security.JSCsrfGuardFilter.doFilter(JSCsrfGuardFilter.java:81)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at com.jaspersoft.jasperserver.api.security.WebAppSecurityFilter.doFilter(WebAppSecurityFilter.java:83)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at com.jaspersoft.jasperserver.war.MultipartRequestWrapperFilter.doFilter(MultipartRequestWrapperFilter.java:90)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at org.springframework.security.context.HttpSessionContextIntegrationFilter.doFilterHttp(HttpSessionContextIntegrationFilter.java:235)
	at org.springframework.security.ui.SpringSecurityFilter.doFilter(SpringSecurityFilter.java:53)
	at org.springframework.security.util.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:411)
	at org.springframework.security.util.FilterChainProxy.doFilter(FilterChainProxy.java:188)
	at org.springframework.security.util.FilterToBeanProxy.doFilter(FilterToBeanProxy.java:99)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at com.jaspersoft.jasperserver.war.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:67)
	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:236)
	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:558)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:298)
	at org.apache.coyote.http11.Http11AprProcessor.process(Http11AprProcessor.java:859)
	at org.apache.coyote.http11.Http11AprProtocol$Http11ConnectionHandler.process(Http11AprProtocol.java:579)
	at org.apache.tomcat.util.net.AprEndpoint$Worker.run(AprEndpoint.java:1555)
	at java.lang.Thread.run(Thread.java:619)
</td></tr></tbody></table><br><br>Post Edited by ankitfrhs at 03/20/2012 15:06
ankitfrhs's picture
ankitfrhs
190
Joined: Mar 19 2012 - 8:49am
Last seen: 11 years 2 months ago
Posted on March 22, 2012 at 9:39pm
Look at this:

http://jaspershare.blogspot.com/2012/03/jasperserver-limitation-on-domain-query.html

Thanks.
jcuser's picture
jcuser
276
Joined: Dec 19 2011 - 3:18am
Last seen: 7 years 8 months ago
Posted on March 22, 2012 at 11:55pm

Thanks for reply. but i am having same problem after changing the security property. Please give me another suggesstion through which i can solve my problem.

Thanks.

 

I am creating another ireport. This ireport is running in jasper server but not showing data. i am taking two parameter through which the data should be displayed in the

report,

sending the log file of errors.

2012-03-23 12:10:31,737  WARN ValidatorImpl,http-8080-5:259 - No rule for parameter [_R_monthname_]. Using default validation on input=[Jan].
2012-03-23 12:10:31,761  WARN ValidatorImpl,http-8080-5:259 - No rule for parameter [_R_yearname_]. Using default validation on input=[2012].
2012-03-23 12:10:35,786  WARN ValidatorImpl,http-8080-5:259 - No rule for parameter [pageIndex]. Using default validation on input=[1].
 

Please help me.Thanks.

ankitfrhs's picture
ankitfrhs
190
Joined: Mar 19 2012 - 8:49am
Last seen: 11 years 2 months ago
Posted on May 17, 2012 at 2:09am

hi all,

 

 

for me this error got resolved after changing the security-config.properties file.

 

 

security.validation.sql.on=false

 

 

kcsekhar25's picture
kcsekhar25
484
Joined: Apr 24 2011 - 7:00am
Last seen: 5 months 3 weeks ago
Posted on April 10, 2013 at 10:29pm

Hello. I have similar error in my report.  I am getting this error if I use “common table expression” in my sql query.  I use MS SQL Server.
for example:
declare @var integer
or
with a as ( select…)

Solution for this problem:
Go to // WEB-INF/classes/esapi/validation.properties
Find property:
Validator.ValidSQL=(?is)^\\s*(select)\\s+[^;]+;?\\s*$
And change in to:
Validator.ValidSQL=(?is)^\\s*(select|with|declare)\\s+[^;]+;?\\s*$

If you want to use other sql constructions (in start of  query string), just add to regular expressions your sql command.

 

alexander.bezverkhniy's picture
alexander.bezve...
69
Joined: Jan 23 2013 - 9:17pm
Last seen: 8 years 6 months ago

mysql does not support common table expression and with clause.

kcsekhar25 - 10 years 1 month ago
sirbryanheart - 3 years 11 months ago
add comment
Posted on July 13, 2014 at 11:33pm

I have removed all the comment from the sql and implemented in report and sub report.now report run successfully.

Thanks,

Amit Kukadiya

amit.kukadiya9's picture
amit.kukadiya9
93
Joined: May 24 2013 - 3:26am
Last seen: 6 years 7 months ago
Feedback