{}

Our Brands

Impact-Company-Logo-English Black-01-177x54

Welcome to the Schneider Electric Website

Welcome to our website.
Search FAQs
Power Monitoring Expert 8.2 with CU3: Web App error ‘403 – Forbidden: Access is denied’ when tried Logon Web App with Multiuse AuthToken
Issue
Getting below error in web app when tried open PME web application using URL generated by http://<PMEMachineName>/SystemDataService/Auth/GenerateAuthURL tool (used for generating PME web URL’s with Multiuse Automatic Authentication Token for SBO integrations) in PME v8.2 with CU3.


403 - Forbidden: Access is denied. You do not have permission to view this directory or page using the credentials that you supplied.


Same link works before applying CU3.

Environment
Power Monitoring Expert v8.2 with CU3

Cause
In PME v8.2 when applied cumulative updated 3 there was a fix for a security vulnerability in the software and hence PME no longer accepts redirects using the full computer name.


The problem is that the 'GenerateAuthURL' tool includes the full computer name. Hence why the redirect is failing with above error.

Resolution
Workaround for this issue would be to remove computer name or IP address present under ‘RedirectURL’ section in the URL generated by the tool (masked with red box in below screen-capture needs to be removed.


Example: If tool generate below URL which is having the issue –
http://10.168.94.126/SystemDataService/Auth/LogOnWithMultiuseAuthToken?RedirectUrl=http%3a%2f%2f10.168.94.126%2fweb%2f&multiuseAuthToken=076195236142013143005085244017051227232005231218219060075069210070220003227142084250077028101002127028170148030040206246188119176236087148125029114219023003023143241203207123132238040097113226217174116248195005072144109009105177182210063029083097070099056208001244243178104069093035047153027149155178110007232

After applying workaround, the URL will become-
http://10.168.94.126/SystemDataService/Auth/LogOnWithMultiuseAuthToken?RedirectUrl=%2fweb%2f&multiuseAuthToken=076195236142013143005085244017051227232005231218219060075069210070220003227142084250077028101002127028170148030040206246188119176236087148125029114219023003023143241203207123132238040097113226217174116248195005072144109009105177182210063029083097070099056208001244243178104069093035047153027149155178110007232

Note: From PME v9.0 and later versions the Authentication tool properly generates this URL using the relative path redirecting.

Schneider Electric Saudi Arabia

Explore more
Range:
Articles that might be helpful Users group

Discuss this topic with experts

Visit our Community for first-hand insights from experts and peers on this topic and more.
Explore more
Range: