-
Title
Error : "[System.Xml.XmlException] An error occurred while parsing EntityName. Line 336, position 42" when parsing encrypted password in XML for UNSAccountB -
Description
The password field for UNSAccountB table is encrypted. When a new object is created, OnSaving will run a script to generate an initial random password and will be encrypted. Sometimes this password may contain XML special characters (E.g. '<', '>', '&', ''','"', ) before encryption.
When the INSERT event is triggered for the UNSAccountB object, the OOTB process VI_UnsAccountB_Generic is generated and when the ScriptComponent - ScriptExec parses the XML containing the object snapshot provided in ParameterValue0 with XML special characters, the following error occurs:
"ErrorMessages = (2019-05-08 06:40:00.717) [System.Xml.XmlException] An error occurred while parsing EntityName. Line 336, position 42.
at StdioProcessor.StdioProcessor._Execute(Job job)
at VI.JobService.JobComponents.ScriptComponent.Activate(String task)
at VI.JobService.JobComponents.ScriptComponent._TaskScriptExec()
at VI.DB.SingleDbObjectSnapshot.FromXml(String xml)...................." -
Cause
The root cause is that there is a special XML character in the original value before encryption.Example scenario:The password of the UNSAccountB was changed to "abc<123$".That generates the process, the ParameterValue0 contains the object in XML notation and the password is encrypted:...<Column Name="Password"><NewValue Type="String">[C]<encrypted value>[C]</NewValue><OldValue Type="String" />...</Column>...At any time the Jobserver loads this job and notice that the parameter contains an encrypted value.In this case the encrypted part will be decrypted:...<Column Name="Password"><NewValue Type="String">abc<123$</NewValue><OldValue Type="String" />...</Column>...This parameter will be passed to the script execution.The script contains a command to parse the XML and handle it as an object.But the not masked special character breaks the XML structure which could lead to different errors. -
Resolution
WORKAROUND:
A workaround would be to prevent the reserved XML special characters from being used in the password.
This can be realized via Designer-> Security Settings->Password polices -> UNSAccountBGeneric :
The following characters would lead to the issue and could be defined as "denied special characters":<>&"'
STATUS:
For v8.0.3 a hotfix is avaliable. If you require this immediately corrected, please contact support for a hotfix referencing the defect ID 31869.
IMPORTANT NOTE:
At time of writing this KB, fix was compatible and implemented based on v8.0.3. There is no guarantee that everything else will work if implemented on earlier versions v8.0.X versions. It is recommend to implement the workaround for earlier versions.
-
Change Request
31869