Clarity: ClarityContentFilter blocks request to /niku/odata/GetNavigatorMenuBean in SSO enabled environments on 13.3.0.5, preventing access to the Administration UI menu

book

Article ID: 17428

calendar_today

Updated On:

Products

CLARITY PPM FOR ITG CLARITY PPM FEDERAL CA Identity Manager CA Identity Governance CA Identity Portal Clarity PPM SaaS Clarity PPM On Premise

Issue/Introduction

Description:

SSO enabled environments on 13.3.0.5, some Web Services requests are being blocked with "403 forbidden" error message.

When /niku/odata/GetNavigatorMenuBean is requested, the SSO user token is not present and the allowedList does not contain a valid value to allow the request to proceed even though the request includes a valid sessionId cookie.

Additional Symptom: When users click the link to queries on the /niku/wsdl page, they get a 403 forbidden error. In addition all WSDLs will error out with authentication errors.

This issue was introduced in Clarity 13.3, Generic Patch #5

Solution:

WORKAROUND:

Disable content filtering by adding -DdisableContentFilter=true to the app java arguments.

STATUS/RESOLUTION:

CLRT-75074
Resolved in Clarity 13.3 Generic Patch. Reference TEC605767
Resolved in CA PPM 14.1

Environment

Release: ESPCLA99000-13.2-Clarity-Extended Support Plus
Component: