CDD 6.9 does not work on IE and firefox on some systems
Article ID: 127062
Updated On:
Products
Automic Continuous Delivery Director
Issue/Introduction
Acronyms: (Acronym used or referred in document)
When trying to access the CDD 6.9 via IE and Firefox on some systems, post log in throws error "something went wrong".
- CDD: Continuous Delivery Director
When trying to access the CDD 6.9 via IE and Firefox on some systems, post log in throws error "something went wrong".
Cause
In our analysis we observed below errors in cdd-server.log file
2019-02-13 13:41:23.803 [http-nio-8443-exec-11] ERROR c.c.r.w.f.OriginVerificationFilter - Failed request based on its origin. You may clear the JSESSIONID cookie request header or logout from the related CDD session
com.ca.rp.exceptions.rest.ValidationException: Accessing '/cdd/login.jsp' is forbidden from 'https://<cdd-server>:8443/cdd/login.jsp', verified by referer header
Trouble shoot steps
Some observed behavior of browsers
com.ca.rp.exceptions.rest.ValidationException: Accessing '/cdd/login.jsp' is forbidden from 'https://<cdd-server>:8443/cdd/login.jsp', verified by referer header
Trouble shoot steps
- Please check the settings.properties file located under tomcat host, under directory <USER-HOME>/.cdd/conf
- Check for below configuration in settings.properties
- cdd.url.schema = https
- cdd.url.port = 8443
- cdd.url.virtual_ip = hostname
- Check if the hostname (short name or FQDN) is getting resolved via DNS
- Check the URL in use to access CDD
Some observed behavior of browsers
- Chrome is adding the Origin HTTP header to its requests.
- IE and Firefox are NOT adding the Origin HTTP header to their requests.
- IE and Firefox are adding the Referer HTTP header instead - which is using different format and different values.
Environment
Continuous Delivery Director: 6.9 ( also valid for higher versions)
Resolution
The CDD behavior is consistent and in our analysis we identified that in settings.properties file the hostname is having value as short-name of server and the CDD URL is been accessed via short-name, but as the IE and Firefox are passing the Referer HTTP headers, which is using FQDN hence a mismatch resulting in the error.
Solution: Access the CDD URL with FQDN of server instead of short-name for IE and Firefox
Additional Information
NOTE:
It is advised to access CDD using the exact same server address that was used for executing the CDD Installer. CDD is verifying that any incoming cliet request is coming from a page that was downloaded from CDD itself ( same HTTP schema, same server name and same server port )
It is advised to access CDD using the exact same server address that was used for executing the CDD Installer. CDD is verifying that any incoming cliet request is coming from a page that was downloaded from CDD itself ( same HTTP schema, same server name and same server port )
For example, if the customer was using https://test.domain.com:443 for executing CDD Installer, it should also use https:///test.domain.com:443 for executibg CDD service ( and not https:///test:443 )
Feedback
Powered by
