search cancel

After upgrade to 21.2.8 the Spectrum login Web Pages reports HTTP/401

book

Article ID: 243075

calendar_today

Updated On:

Products

CA Spectrum

Issue/Introduction

After upgrading from 10.4.2.2 to 21.2.8 we noticed that our program that we use to monitor webpages (APM) is no longer working and we are receiving HTTP 401 errors, even though no login credentials are being used.

This causes our APM monitoring program not to function correctly and we cannot rely upon this to see if the Spectrum web applications are available and working.

This should be reproducible by opening the web debug in Google Chrome (type F12, then select the "Network" tab and then "perserve log"). After opening the Spectrum Login page and selecting the subdir "spectrum" (as seen in the screen shot) the HTTP 401 should be visible.

Cause

Engineering has confirmed that this is the correct behavior due to increased security

 

 

Environment

Release : 21.2.8

Component : Spectrum OneClick

Resolution

As this is the correct behavior there are some customers who would prefer the old behavior for webpage monitoring.

Please request Spectrum_21.02.08.PTF_21.2.811 which contains all of the OneClick performance fixes in Spectrum_21.02.08.PTF_21.2.810 and this fix

 DE535912 : 33104933 - Web Pages reports HTTP/401

 

In a future release, post 21.2.12 there will be an option to switch from  new to old behavior by the customer.

Additional Information

"The HyperText Transfer Protocol (HTTP) 401 Unauthorized response status code indicates that the client request has not been completed because it lacks valid authentication credentials for the requested resource."

 

401 Unauthorized - HTTP | MDN (mozilla.org)

 

Also

 

OWASP - Testing for Web Logout Security

Attachments