Issue
Getting below error in web app when tried open PME web application using URL generated by http://<PMEMachineName>/SystemDataService/Auth/GenerateAuthURL tool (used for generating PME web URL’s with Multiuse Automatic Authentication Token for SBO integrations) in PME v8.2 with CU3.
403 - Forbidden: Access is denied. You do not have permission to view this directory or page using the credentials that you supplied.
Same link works before applying CU3.
Environment
Power Monitoring Expert v8.2 with CU3
Cause
In PME v8.2 when applied cumulative updated 3 there was a fix for a security vulnerability in the software and hence PME no longer accepts redirects using the full computer name.
The problem is that the 'GenerateAuthURL' tool includes the full computer name. Hence why the redirect is failing with above error.
Resolution
Workaround for this issue would be to remove computer name or IP address present under ‘RedirectURL’ section in the URL generated by the tool (masked with red box in below screen-capture needs to be removed.
Example: If tool generate below URL which is having the issue –
http://10.168.94.126/SystemDataService/Auth/LogOnWithMultiuseAuthToken?RedirectUrl=http%3a%2f%2f10.168.94.126%2fweb%2f&multiuseAuthToken=076195236142013143005085244017051227232005231218219060075069210070220003227142084250077028101002127028170148030040206246188119176236087148125029114219023003023143241203207123132238040097113226217174116248195005072144109009105177182210063029083097070099056208001244243178104069093035047153027149155178110007232
After applying workaround, the URL will become-
http://10.168.94.126/SystemDataService/Auth/LogOnWithMultiuseAuthToken?RedirectUrl=%2fweb%2f&multiuseAuthToken=076195236142013143005085244017051227232005231218219060075069210070220003227142084250077028101002127028170148030040206246188119176236087148125029114219023003023143241203207123132238040097113226217174116248195005072144109009105177182210063029083097070099056208001244243178104069093035047153027149155178110007232
Note: From PME v9.0 and later versions the Authentication tool properly generates this URL using the relative path redirecting.
Getting below error in web app when tried open PME web application using URL generated by http://<PMEMachineName>/SystemDataService/Auth/GenerateAuthURL tool (used for generating PME web URL’s with Multiuse Automatic Authentication Token for SBO integrations) in PME v8.2 with CU3.
403 - Forbidden: Access is denied. You do not have permission to view this directory or page using the credentials that you supplied.
Same link works before applying CU3.
Environment
Power Monitoring Expert v8.2 with CU3
Cause
In PME v8.2 when applied cumulative updated 3 there was a fix for a security vulnerability in the software and hence PME no longer accepts redirects using the full computer name.
The problem is that the 'GenerateAuthURL' tool includes the full computer name. Hence why the redirect is failing with above error.
Resolution
Workaround for this issue would be to remove computer name or IP address present under ‘RedirectURL’ section in the URL generated by the tool (masked with red box in below screen-capture needs to be removed.
Example: If tool generate below URL which is having the issue –
http://10.168.94.126/SystemDataService/Auth/LogOnWithMultiuseAuthToken?RedirectUrl=http%3a%2f%2f10.168.94.126%2fweb%2f&multiuseAuthToken=076195236142013143005085244017051227232005231218219060075069210070220003227142084250077028101002127028170148030040206246188119176236087148125029114219023003023143241203207123132238040097113226217174116248195005072144109009105177182210063029083097070099056208001244243178104069093035047153027149155178110007232
After applying workaround, the URL will become-
http://10.168.94.126/SystemDataService/Auth/LogOnWithMultiuseAuthToken?RedirectUrl=%2fweb%2f&multiuseAuthToken=076195236142013143005085244017051227232005231218219060075069210070220003227142084250077028101002127028170148030040206246188119176236087148125029114219023003023143241203207123132238040097113226217174116248195005072144109009105177182210063029083097070099056208001244243178104069093035047153027149155178110007232
Note: From PME v9.0 and later versions the Authentication tool properly generates this URL using the relative path redirecting.