Having problems with your account or logging in?
A lot of changes are happening in the community right now. Some may affect you. READ MORE HERE
MHuschenbett Contributor.
Contributor.
3260 views

Submit bugs from SSC to AzureDevOps

Jump to solution

Hello everyone.

I am currently trying to submit bugs from SSC to our AzureDevOps instance (former know as VSTS). I want to use the official TFS/VSTS-Plugin.
My problem here is, that the connection test fails every time and the ssc log tells me the following:

2019-03-22 13:48:59,250   [ERROR] com.fortify.manager.logging.ExceptionInterceptor - Intercepted exception of type [com.fortify.pub.bugtracker.support.BugTrackerException] thrown by target class [com.fortify.manager.BLL.impl.core.ProjectVersionBugTrackerCoreChildBLLImpl] and method [public com.fortify.server.platform.shared.resources.ApiActionResponse com.fortify.manager.BLL.impl.core.ProjectVersionBugTrackerCoreChildBLLImpl.doAction(java.lang.Long,com.fortify.server.platform.shared.resources.ApiCollectionAction,com.fortify.server.platform.shared.util.ApiRequestInfo)]
com.fortify.pub.bugtracker.support.BugTrackerException: There was an error validating the TFS provided config
        at com.fortify.plugin.connector.bugtracker.ConnectorBugTrackerLegacyServiceImpl.doRequest(ConnectorBugTrackerLegacyServiceImpl.java:193) ~[plugin-connector-1.3.1071.jar:?]
        at com.fortify.plugin.connector.bugtracker.ConnectorBugTrackerLegacyServiceImpl.testConfiguration(ConnectorBugTrackerLegacyServiceImpl.java:124) ~[plugin-connector-1.3.1071.jar:?]
        at com.fortify.manager.plugin.bugtracker.LegacyBugTrackerPluginProxy.testConfiguration(LegacyBugTrackerPluginProxy.java:120) ~[ssc-core-18.20.1071.jar:?]
        at com.fortify.manager.bugtracker.BugTrackerPluginManagerImpl.testConfiguration(BugTrackerPluginManagerImpl.java:167) ~[ssc-core-18.20.1071.jar:?]
        at com.fortify.manager.BLL.impl.BugTrackerBLLImpl.testBugTrackerConfiguration(BugTrackerBLLImpl.java:320) ~[ssc-core-18.20.1071.jar:?]
        at com.fortify.manager.BLL.impl.BugTrackerBLLImpl$$FastClassBySpringCGLIB$$e5e3cfc7.invoke(<generated>) ~[ssc-core-18.20.1071.jar:?]
        at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) ~[spring-core-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:738) ~[spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) ~[spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:85) ~[spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at com.fortify.manager.logging.ExceptionInterceptor.aroundBll(ExceptionInterceptor.java:69) [ssc-core-18.20.1071.jar:?]
        at sun.reflect.GeneratedMethodAccessor255.invoke(Unknown Source) ~[?:?]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_191]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_191]
        at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:627) ~[spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:616) ~[spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:70) ~[spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:69) ~[spring-security-core-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at com.fortify.manager.security.FmMethodSecurityInteceptor.invoke(FmMethodSecurityInteceptor.java:45) ~[ssc-core-18.20.1071.jar:?]
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92) ~[spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) ~[spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:673) ~[spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at com.fortify.manager.BLL.impl.BugTrackerBLLImpl$$EnhancerBySpringCGLIB$$fe887b8b.testBugTrackerConfiguration(<generated>) ~[ssc-core-18.20.1071.jar:?]
        at com.fortify.manager.BLL.impl.core.ProjectVersionBugTrackerCoreChildBLLImpl.testBugTrackerConfiguration(ProjectVersionBugTrackerCoreChildBLLImpl.java:142) ~[ssc-core-18.20.1071.jar:?]
        at com.fortify.manager.BLL.impl.core.ProjectVersionBugTrackerCoreChildBLLImpl.doAction(ProjectVersionBugTrackerCoreChildBLLImpl.java:128) ~[ssc-core-18.20.1071.jar:?]
        at com.fortify.manager.BLL.impl.core.ProjectVersionBugTrackerCoreChildBLLImpl.doAction(ProjectVersionBugTrackerCoreChildBLLImpl.java:50) ~[ssc-core-18.20.1071.jar:?]
        at com.fortify.manager.BLL.impl.core.ProjectVersionBugTrackerCoreChildBLLImpl$$FastClassBySpringCGLIB$$a790d660.invoke(<generated>) ~[ssc-core-18.20.1071.jar:?]
        at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) ~[spring-core-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:738) ~[spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) ~[spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.aop.aspectj.MethodInvocationProceedingJoinPoint.proceed(MethodInvocationProceedingJoinPoint.java:85) ~[spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at com.fortify.manager.logging.ExceptionInterceptor.aroundBll(ExceptionInterceptor.java:69) [ssc-core-18.20.1071.jar:?]
        at sun.reflect.GeneratedMethodAccessor255.invoke(Unknown Source) ~[?:?]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_191]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_191]
        at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethodWithGivenArgs(AbstractAspectJAdvice.java:627) [spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.aop.aspectj.AbstractAspectJAdvice.invokeAdviceMethod(AbstractAspectJAdvice.java:616) [spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.aop.aspectj.AspectJAroundAdvice.invoke(AspectJAroundAdvice.java:70) [spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) [spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:69) [spring-security-core-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at com.fortify.manager.security.FmMethodSecurityInteceptor.invoke(FmMethodSecurityInteceptor.java:45) [ssc-core-18.20.1071.jar:?]
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) [spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92) [spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179) [spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:673) [spring-aop-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at com.fortify.manager.BLL.impl.core.ProjectVersionBugTrackerCoreChildBLLImpl$$EnhancerBySpringCGLIB$$94d7f6f6.doAction(<generated>) [ssc-core-18.20.1071.jar:?]
        at com.fortify.server.platform.shared.util.RestApiCoreBLLHelper.doCollectionAction(RestApiCoreBLLHelper.java:427) [web-platform-shared-18.20.1071.jar:?]
        at com.fortify.server.platform.endpoints.rest.BugTrackerOfProjectVersionController.doAction(BugTrackerOfProjectVersionController.java:56) [web-platform-endpoints-18.20.1071.jar:?]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_191]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_191]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_191]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_191]
        at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:205) [spring-web-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:133) [spring-web-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:97) [spring-webmvc-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:827) [spring-webmvc-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:738) [spring-webmvc-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:85) [spring-webmvc-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:967) [spring-webmvc-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:901) [spring-webmvc-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:970) [spring-webmvc-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:872) [spring-webmvc-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:660) [servlet-api.jar:?]
        at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:846) [spring-webmvc-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:741) [servlet-api.jar:?]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231) [catalina.jar:9.0.12]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:9.0.12]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:317) [spring-security-web-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:127) [spring-security-web-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91) [spring-security-web-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) [spring-security-web-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:115) [spring-security-web-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) [spring-security-web-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:111) [spring-security-web-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) [spring-security-web-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at com.fortify.manager.web.security.auth.FmX509AuthenticationFilter.doFilter(FmX509AuthenticationFilter.java:41) [ssc-core-18.20.1071.jar:?]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) [spring-security-web-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at org.springframework.security.kerberos.web.authentication.SpnegoAuthenticationProcessingFilter.doFilter(SpnegoAuthenticationProcessingFilter.java:128) [spring-security-kerberos-web-1.0.1.RELEASE.jar:1.0.1.RELEASE]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) [spring-security-web-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilterInternal(BasicAuthenticationFilter.java:158) [spring-security-web-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at com.fortify.manager.web.security.auth.FmApiBasicAuthenticationFilter.doFilterInternal(FmApiBasicAuthenticationFilter.java:24) [ssc-core-18.20.1071.jar:?]
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) [spring-security-web-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200) [spring-security-web-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) [spring-security-web-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105) [spring-security-web-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331) [spring-security-web-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214) [spring-security-web-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177) [spring-security-web-4.1.5.RELEASE.jar:4.1.5.RELEASE]
        at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347) [spring-web-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263) [spring-web-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:9.0.12]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:9.0.12]
        at com.fortify.manager.web.filters.WebRequestFilter.doFilterInternal(WebRequestFilter.java:47) [ssc-core-18.20.1071.jar:?]
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347) [spring-web-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263) [spring-web-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:9.0.12]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:9.0.12]
        at org.springframework.web.filter.RequestContextFilter.doFilterInternal(RequestContextFilter.java:99) [spring-web-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:9.0.12]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:9.0.12]
        at com.fortify.manager.web.filters.SessionTimeoutFilter.doFilterInternal(SessionTimeoutFilter.java:65) [ssc-core-18.20.1071.jar:?]
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347) [spring-web-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263) [spring-web-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:9.0.12]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:9.0.12]
        at com.fortify.manager.web.filters.SecurityHeadersFilter.doFilter(SecurityHeadersFilter.java:67) [ssc-core-18.20.1071.jar:?]
        at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347) [spring-web-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263) [spring-web-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:9.0.12]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:9.0.12]
        at com.fortify.manager.web.filters.HostHeaderFilter.doFilterInternal(HostHeaderFilter.java:95) [ssc-core-18.20.1071.jar:?]
        at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107) [spring-web-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347) [spring-web-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263) [spring-web-4.3.15.RELEASE.jar:4.3.15.RELEASE]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:9.0.12]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:9.0.12]
        at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:53) [tomcat-websocket.jar:9.0.12]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:9.0.12]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:9.0.12]
        at net.sf.ehcache.constructs.web.filter.GzipFilter.doFilter(GzipFilter.java:95) [ehcache-web-2.0.4.jar:?]
        at net.sf.ehcache.constructs.web.filter.Filter.doFilter(Filter.java:86) [ehcache-web-2.0.4.jar:?]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:9.0.12]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:9.0.12]
        at org.apache.logging.log4j.web.Log4jServletFilter.doFilter(Log4jServletFilter.java:71) [log4j-web-2.10.0.jar:2.10.0]
        at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) [catalina.jar:9.0.12]
        at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) [catalina.jar:9.0.12]
        at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199) [catalina.jar:9.0.12]
        at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) [catalina.jar:9.0.12]
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:490) [catalina.jar:9.0.12]
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139) [catalina.jar:9.0.12]
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) [catalina.jar:9.0.12]
        at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:668) [catalina.jar:9.0.12]
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) [catalina.jar:9.0.12]
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) [catalina.jar:9.0.12]
        at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408) [tomcat-coyote.jar:9.0.12]
        at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) [tomcat-coyote.jar:9.0.12]
        at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:770) [tomcat-coyote.jar:9.0.12]
        at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1415) [tomcat-coyote.jar:9.0.12]
        at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) [tomcat-coyote.jar:9.0.12]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_191]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_191]
        at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) [tomcat-util.jar:9.0.12]
        at java.lang.Thread.run(Thread.java:748) [?:1.8.0_191]
2019-03-22 13:48:59,256   [ERROR] com.fortify.server.platform.shared.spring.RestApiExceptionHandlerAdvice - com.fortify.manager.exception.FMUserInputException: There was an error validating the TFS provided config [url: &#x2F;ssc&#x2F;api&#x2F;v1&#x2F;projectVersions&#x2F;11&#x2F;bugtracker&#x2F;action]

I have the following settings for the plugin. I am unsure if in Azure DevOps an organization is the same as a collection, because I put my organization in the field for collection.

Bug Tracker URL:
https://myorganization.visualstudio.com

Allowed Values - Collection:
myorganization

Default Value - Collection:
myorganization

Allowed Values - Project:
FortifyTestProject

Default Value - Project:
FortifyTestProject

Allowed Values - Work Item Type:
Bug

Default Value - Work Item Type:
Bug

 

Any help appreciated!

MHuschenbett

 

0 Likes
1 Solution

Accepted Solutions
Micro Focus Frequent Contributor
Micro Focus Frequent Contributor

Re: Submit bugs from SSC to AzureDevOps

Jump to solution

Hi,

Sorry for the late reply, I didn't notice that you had replied to my earlier message.

You will need to use a Personal Access Token (PAT) to connect to Azure DevOps from SSC; see https://docs.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops on how to generate a PAT.

As for the scopes to use for this PAT (see https://docs.microsoft.com/en-us/azure/devops/integrate/get-started/authentication/oauth?view=azure-devops#scopes), I think you need the following, but you may need to experiment:

  • vso.project
  • vso.work_write

You can enter this PAT in the password field of the TFS/VSTS plugin; if I remember correctly you can put in anything for the user name.

0 Likes
6 Replies
Micro Focus Frequent Contributor
Micro Focus Frequent Contributor

Re: Submit bugs from SSC to AzureDevOps

Jump to solution

Hi,

I ran into the same issue with one of my customers; the TFS/VSTS plugin bundled with SSC does not function correctly with Azure DevOps out of the box.

Attached are the contents of the sample code bundled with SSC 18.20, updated to allow the plugin to connect to Azure DevOps. The plugin jar file can be found in the dist folder. 

This modified version contains the following changes compared to the plugin bundled with SSC:

  • It uses BASIC authentication instead of NTLM authentication
  • It uses pre-emptive authentication to avoid Azure DevOps from redirecting to the login page

As for plugin configuration; you will need to use https://dev.azure.com as the URL, and your organization name(s) as default/allowed collection(s).

Best regards,

Ruud Senden (Fortify Professional Services Consultant)

0 Likes
Highlighted
MHuschenbett Contributor.
Contributor.

Re: Submit bugs from SSC to AzureDevOps

Jump to solution

Thank you very much for your answer Ruud!
So I disabled the old version of the plugin in SSC and removed it and installed and enabled the version you gave me. I took the plugin from the dist folder as you specified.

I used the following configuration:

ssc-bugtracking.pngSSC Bugtracking Configuration

Unfortunately, I am still getting the same error as specified in the original post...
Do I have to configure anything on my Azure DevOps instance?

 

Thank you very much!

Mhuschenbett

0 Likes
Raphael Hagi Respected Contributor.
Respected Contributor.

Re: Submit bugs from SSC to AzureDevOps

Jump to solution

Hello,

I've been using the FoDBugTrackerUtility http://github.com/fod-dev/FoDBugTrackerUtility

I recommend it because it can send vulnerabities to many bugtrackers within your DEVOPS pipeline.


Data, or do not.
0 Likes
Micro Focus Frequent Contributor
Micro Focus Frequent Contributor

Re: Submit bugs from SSC to AzureDevOps

Jump to solution

Indeed FortifyBugTrackerUtility is also a good choice; I'm the author of this utility. ;)

FortifyBugTrackerUtility provides more functionality than the native SSC bug tracker plugins, and allows for fully automated submission of SSC vulnerabilities to multiple bug tracking systems.

Note that this utility has moved from the GitHub address listed above to https://github.com/fortify-ps/FortifyBugTrackerUtility; current releases can be found on the Releases page.

0 Likes
Micro Focus Frequent Contributor
Micro Focus Frequent Contributor

Re: Submit bugs from SSC to AzureDevOps

Jump to solution

Hi,

Sorry for the late reply, I didn't notice that you had replied to my earlier message.

You will need to use a Personal Access Token (PAT) to connect to Azure DevOps from SSC; see https://docs.microsoft.com/en-us/azure/devops/organizations/accounts/use-personal-access-tokens-to-authenticate?view=azure-devops on how to generate a PAT.

As for the scopes to use for this PAT (see https://docs.microsoft.com/en-us/azure/devops/integrate/get-started/authentication/oauth?view=azure-devops#scopes), I think you need the following, but you may need to experiment:

  • vso.project
  • vso.work_write

You can enter this PAT in the password field of the TFS/VSTS plugin; if I remember correctly you can put in anything for the user name.

0 Likes
MHuschenbett Contributor.
Contributor.

Re: Submit bugs from SSC to AzureDevOps

Jump to solution

Hi Ruud,

 

Thank you very much for your tipp with the PAT. Using the PAT, the plugin you provided works like a charm! :)

I will take a look into your FortifyBugTrackerUtility and definitely try it out!

 

Thanks again!

MHuschenbett

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.