Clarity

  • Private Community

  • 1.  Error occurred: please contact your system administrator

    Posted Apr 04, 2013 05:13 PM
    Hi All,

    we upgraded to Clarity v13.1. When we try login with admin user, it shows a pop-up "Error occurred please contact your system administrator", but once we refresh the page/click OK, it takes us to home page and no issues proceeding later. This happens only for admin user.
    Any help please?

    Thanks,
    Prabha


  • 2.  RE: Error occurred: please contact your system administrator
    Best Answer

    Posted Apr 04, 2013 05:57 PM
    So it does not say
    "Security Violation: CSRF Attack" does it?

    What does ca-app.log say?

    Martti K.


  • 3.  RE: Error occurred: please contact your system administrator

    Posted Apr 05, 2013 12:43 AM
      |   view attached
    TEC567263 - Cross Site Request Forgery - This is what Martti is talkin' about

    NJ

    Attachment(s)

    docx
    TEC567263 - Cross Site Request Forgery.docx   20 KB 1 version


  • 4.  RE: Error occurred: please contact your system administrator

    Posted Apr 27, 2013 11:06 PM
    Thanks All!

    Had disabled the CSFR security violation. Still facing the same issue.
    any help is appreciated.

    Thanks,
    Prabha


  • 5.  RE: Error occurred: please contact your system administrator

    Posted Apr 28, 2013 04:46 AM
    What does it say in the logs?

    Martti K.


  • 6.  RE: Error occurred: please contact your system administrator

    Posted Apr 28, 2013 05:13 AM
    Had disabled the CSFR security violation
    Why did you decide to do that?

    Martti K.


  • 7.  RE: Error occurred: please contact your system administrator

    Posted Apr 29, 2013 05:41 PM
    Hi Martti,

    There was CSFR attack and so we followed the fix for that.

    The log that appears in app log file as below,
    EDFC7685A05C:GetNavigatorMenuBean) Invalid security object key:\
    WARN 2013-04-13 10:06:31,386 [http-bio-80-exec-19] utility.I18nUtilities (clarity:unknown:-1:homeActionId) Unable to find gwtconstants/DateTimeConstants for locale en finding default
    WARN 2013-04-13 10:06:49,621 [http-bio-80-exec-17] out.service (clarity:none:none:GetNavigatorMenuBean) SecurityException: Authentication Failed.
    WARN 2013-04-13 10:06:49,730 [http-bio-80-exec-17] niku.union (clarity:unknown:-1:GetNavigatorMenuBean) com.niku.union.security.SecurityException: Authentication Failed. was not found in file: messages_en.properties
    ERROR 2013-04-13 10:06:49,855 [http-bio-80-exec-17] performance.PerformanceMonitor (clarity:unknown:-1:GetNavigatorMenuBean) Mismatch in timing element stack, where titles do not match ('serviceRequest' != 'Empty') or ids do not match ('/uif/GlobalNavigationService/GetNavigatorMenuBean' != 'null')

    I have tried removing all portlets in my homepage. but nothing works out :(


    Please help!

    Thanks,
    Prabha


  • 8.  RE: Error occurred: please contact your system administrator

    Posted Apr 30, 2013 04:22 AM
    Sorry to say, I don't quite follow you.

    As far as I understand it the log entries you post do not relate to the CSFR vulnerability prevention.
    The way it works is that in certain versions - v12.1.3 and v13 if my memory serves me right - there is automatically CSFR vulnerability prevention. You don't have to do anything.
    If you are in an earlier version you have the vulnerability. If you have a CSFR attack and want to prevent further you either upgrade to a version where there is a prevention for the vulnerability or create a prevention of you own for your current version.

    If you have a problem related to the CSFR vulnerability prevention in Clarity PPM 13.1 you would get
    "Security Violation: CSRF Attack" followed by instructions on what caused the error and what to do to recover. Before refreshing the page, write down the Request ID listed on the error message page.

    Only in Clarity PPM 12.1.3: you would get " ERROR 500 - Internal Server Error"

    EDFC7685A05C:GetNavigatorMenuBean) Invalid security object key:\
    WARN 2013-04-13 10:06:31,386 [http-bio-80-exec-19] utility.I18nUtilities (clarity:unknown:-1:homeActionId) Unable to find gwtconstants/DateTimeConstants for locale en finding default
    WARN 2013-04-13 10:06:49,621 [http-bio-80-exec-17] out.service (clarity:none:none:GetNavigatorMenuBean) SecurityException: Authentication Failed.
    WARN 2013-04-13 10:06:49,730 [http-bio-80-exec-17] niku.union (clarity:unknown:-1:GetNavigatorMenuBean) com.niku.union.security.SecurityException: Authentication Failed. was not found in file: messages_en.properties
    ERROR 2013-04-13 10:06:49,855 [http-bio-80-exec-17] performance.PerformanceMonitor (clarity:unknown:-1:GetNavigatorMenuBean) Mismatch in timing element stack, where titles do not match ('serviceRequest' != 'Empty') or ids do not match ('/uif/GlobalNavigationService/GetNavigatorMenuBean' != 'null')

    Is something else

    Unable to find gwtconstants/DateTimeConstants for locale en finding default
    Sound curious. What is the user locale and the timezone for the admin and what are those for the other users?

    My understanding was that en is the default and if it can't find en and finds the defaults what are defaults then?

    Open a case with support and send the logs with the case.

    Martti K.