OPS/MVS with NIM configuration error - 403 Forbidden

Article ID: 439751


Updated On:

Products

OPS/MVS Event Management & Automation

Issue/Introduction

The customer receives a 403 Forbidden error when trying to use PUT/POST operations via the REST API Explorer. Their UI login is currently working.

Resolution

Possible Solution: The documentation instructed them to whitelist the UI (<url-pattern>/ui/UIRequestHandler</url-pattern>) in their web.xml, which is why their login works, but it missed the REST API endpoints.

The Fix: Instruct the customer to update their ca-nim-sm/WEB-INF/web.xml workaround to also whitelist <url-pattern>/api/*</url-pattern>.

Their security-constraint blocks must be updated to look exactly like this:

<security-constraint>
  <web-resource-collection>
    <web-resource-name>NIM Security</web-resource-name>
    <url-pattern>/ui/UIRequestHandler</url-pattern>
    <url-pattern>/api/*</url-pattern> <!-- Add this line -->
    <http-method>GET</http-method>
    <http-method>POST</http-method>
    <http-method>PUT</http-method>
    <http-method>DELETE</http-method>
  </web-resource-collection>
</security-constraint>
<security-constraint>
  <web-resource-collection>
    <web-resource-name>NIM Security</web-resource-name>
    <url-pattern>/ui/UIRequestHandler</url-pattern>
    <url-pattern>/api/*</url-pattern> <!-- Add this line -->
  </web-resource-collection>
</security-constraint>

Once Tomcat is restarted, test the PUT and POST requests to the REST API.
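
To confirm the edit before restarting Tomcat, the following added example (not part of the original article or the product) parses a web.xml and reports, for each security-constraint that whitelists the UI pattern, whether /api/* is also listed, which HTTP methods it covers, and whether an auth-constraint is present. The function names, the sample documents and the Java EE namespace in them are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

UI_PATTERN = "/ui/UIRequestHandler"   # pattern the original workaround whitelisted
API_PATTERN = "/api/*"                # pattern this article adds

def local(tag):
    """Drop the XML namespace prefix; web.xml usually declares one."""
    return tag.rsplit("}", 1)[-1]

def audit_constraints(web_xml_text):
    """Summarise every <security-constraint> that lists the UI pattern."""
    results = []
    for sc in ET.fromstring(web_xml_text).iter():
        if local(sc.tag) != "security-constraint":
            continue
        patterns, methods, has_auth = [], [], False
        for el in sc.iter():
            name, text = local(el.tag), (el.text or "").strip()
            if name == "url-pattern":
                patterns.append(text)
            elif name == "http-method":
                methods.append(text)
            elif name == "auth-constraint":
                has_auth = True
        if UI_PATTERN in patterns:
            results.append({
                "patterns": patterns,
                "methods": methods or ["<all>"],   # no <http-method> = every method
                "has_auth_constraint": has_auth,
                "api_listed": API_PATTERN in patterns,
            })
    return results

def missing_api(web_xml_text):
    """True if any UI whitelist block still lacks the /api/* pattern."""
    return any(not r["api_listed"] for r in audit_constraints(web_xml_text))

# Constructed sample (namespace and single PUT method are assumptions).
BEFORE = (
    '<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"><security-constraint>'
    '<web-resource-collection><web-resource-name>NIM Security</web-resource-name>'
    '<url-pattern>/ui/UIRequestHandler</url-pattern><http-method>PUT</http-method>'
    '</web-resource-collection></security-constraint></web-app>')
AFTER = BEFORE.replace("<http-method>", "<url-pattern>/api/*</url-pattern><http-method>", 1)

if __name__ == "__main__":
    for label, doc in (("before", BEFORE), ("after", AFTER)):
        print(label, "still missing /api/*:", missing_api(doc))
        for r in audit_constraints(doc):
            print("   ", r)
```

The has_auth_constraint field is reported because a security-constraint without an <auth-constraint> tells the container to allow the listed patterns without container-managed authentication, so any access control on /api/* then rests with the application itself.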