Tuesday, June 18, 2013

Leaving password blank in BizTalk 2013 SFTP adapter will cause host instance to run at 100% CPU without warning

A very interesting tidbit appeared on a server running BizTalk 2013 and using the brand new SFTP adapter that is bundled with the product.

As soon as a file was sent to an SFTP server, the host instance running the adapter would spin up to 100% CPU and stay there. The file would not be sent and no warnings or errors written to the event log.

After being tasked with trying to find out the issue behind this, I started with the normal tasks coupled with a host spinning up without any reason: checking the tracking settings, looking at the messagebox regarding rouge messages, zombies etc. Nothing could be found.

It wasn't until I tried to set up a copy of the flow on another 2013 server that I noticed that the password field in the Send Port properties was blank. Even with an entered password of "" the password field should display a bunch of stars to mask the password (or lack of one).



I set the password to the correct one, and started the host again. Now the file was sent and the host stayed at normal CPU load.

When looking into this, I noticed that when exporting the binding for the send port when the password wasn't set, the CustomProps in the TransportTypeData element never included the Password element. When setting either a blank password or a proper one, the binding will include a password placeholder of which can be translated to NULL, i.e. there is no password defined (it is never written to the binding file for security reasons). But if you never set a password, this field is never written to the binding file at all!

This is important to be aware of since I also noticed that if you try to set the password to "blank", by entering a character and then deleting it again and then saving, it is not entered since the GUI will interpret it as nothing has changed and therefore not set the password field to blank, leaving it completely undefined. Instead you have to enter a dummy character, save, enter the property dialog again and delete the character before doing the final save. That way the blank password will be properly saved.

3 comments:

  1. Thanks for your help, Marcus! I ran into the same issue like you, so it was good to read your explanation.
    BTW, if you import the bindings from a file (e.g. with BTDF) you can add the password automatically like this:
    <Password vt="8"></Password>
    This way, also blank passwords are imported correctly and you see the password placeholders in the configuration field.

    ReplyDelete
  2. I have run into this as well. Thanks for documenting.

    Kent Weare

    ReplyDelete
  3. I found the same issue with receive SFTP. But not only it spins the CPU up to 100%, but it also doesn't give you warning and disable the receive location as the password is not set. The location stays enabled and CPU goes nuts. I think CU2 suppose to fix this problem but not sure if it did.

    ReplyDelete