General server errors while making updates in CDD
search cancel

General server errors while making updates in CDD


Article ID: 225627


Updated On:


Continuous Delivery Director


After upgrading from CDD 6.6 to 8.2 we are attempting to update the value of a Release Token. It results in a "General server error". 





Release : 8.2



When making updates in CDD, CDD:

  1. Compares the Origin Header to the following values used in the file: 
    • cdd.url.port
    • cdd.url.schema
    • cdd.url.virtual_ip
  2. Compares the Origin header to the servlet request received by CDD. 


If the second test fails it will generate an error in the cdd-server log.


For example: 

An environment may have an environment that involves the following:

Client Chrome Browser -----(HTTPS)---->   F5   ---(HTTP)--->  CDD Tomcat Service

The above indicates that the chrome browser is accessing CDD using HTTPS. That request is handled by an F5 load balancer that is terminating the https session and therefore sends the request to CDD over http. In this case the error in the log shows the following error:

WARN - Origin header : https://<servername>.com
WARN - Forwarded Header: null
WARN - X-Forwarded-Host Header: null
WARN - X-Forwarded-Port Header: null
WARN - X-Forwarded-Proto Header: null
WARN - Servlet Request: http, <servername>, 80
ERROR c.c.r.w.f.OriginVerificationFilter - Failed session request based on its origin/referer. You may clear the JSESSIONID,CDDSESSIONID cookies request header, logout from the related CDD session, verify that the login URL matches the URL used for installation, or update 'cdd.url.*' configuration in Internal exception: [Access to resource '/cdd/design/00000000-0000-0000-0000-000000000000/v1/releases/<releaseId>/tokens/<tokenId>' is forbidden to 'https://<servername>.com', verified by origin header. Reason(s): Scheme 'http' was not as expected Port '80' was not as expected ] Access to resource '/cdd/design/00000000-0000-0000-0000-000000000000/v1/releases/<releaseId>/tokens/<tokenId>' is forbidden to 'https://<servername>.com', verified by origin header. Reason(s): Scheme 'http' was not as expected Port '80' was not as expected




The following values (in .cdd/conf/ should be equal to the the Origin header:

  • cdd.url.port
  • cdd.url.schema
  • cdd.url.virtual_ip
In the example given in the messages above (WARN - Origin header : https://<servername>.com), it should be:


However, because we later see that the F5 is terminating the https connection and converting it to http:

  • F5 needs to either:
    • Change the HTTP Origin header (if it is going to terminate the https and convert to http); or
    • Do not terminate the https connection and make sure CDD is configured with a HTTPS Connector (via tomcat/conf/server.xml)
  • Update .cdd/conf/ with the appropriate information - based on the appropriate HTTP Origin header being used/set by F5. 
    • For example, if F5 continues to terminate the https connection and converts it to http then the settings in this file should look like:
      • cdd.url.port=<port used by F5 team while setting Origin header>
      • cdd.url.schema=http
      • cdd.url.virtual_ip=<servername>.com


If an immediate workaround is needed then please contact technical support for "Internal Notes" relating to entries that can be used temporarily to bypass the security checks performed.