Skip to main content

Load balancer URL for clustered Spotfire servers fails to browse with ERROR: "Unable to load application" in the browser.

Rich Talbot
Date Posted: 2019-01-15
Product: TIBCO Spotfire®

Problem:

Load balancer URL for clustered Spotfire servers fails to browse with ERROR: "Unable to load application" in the browser.


Solution:

Load balancer URL for Spotfire servers added in the cluster fails to browse with error "Unable to load application" in the browser and following error get logged in Spotfire server logs (server.log file) related to this issue:

-------------------
DEBUG 2017-04-10T11:00:43,429+0800 [] server.security.SessionUtil: Created a new session with number 182
DEBUG 2017-04-10T11:00:43,429+0800 [unknown, #182, #839] server.security.AccessLogFilter: Found user-agent HTTP header: Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko
DEBUG 2017-04-10T11:00:43,429+0800 [unknown, #182, #839] server.security.CsrfFilter: Generated a new CSRF token for the new session: ad268dedcdf63dc9f96402b869350fe2
DEBUG 2017-04-10T11:00:43,429+0800 [unknown, #182, #839] server.security.SecurityFilter: Filtering request: HTTP GET /rest/pub/headerConfig on port 40080 from 10.160.162.70 at port number 56718
WARN 2017-04-10T11:00:43,429+0800 [unknown, #182, #839] server.security.SecurityInterceptor: Request for URL /rest/pub/headerConfig is denied because the request does not contain the required CSRF token
-------------------- Follow the below mentioned steps to disable CSRF protection:

==================================================
1)Export the Spotfire server configuration using command  - config export-config
---------------
<\\server_install_Dir\tomcat\bin> config export-config 
----------------

2)Disable csrf protection using command - config config-csrf-protection --enabled=false
---------------
<\\server_install_Dir\tomcat\bin> config config-csrf-protection --enabled=false
----------------

3)Import the configuration - config import-config -c "disabled csrf"
---------------
<\\server_install_Dir\tomcat\bin> config import-config -c "disabled csrf "
----------------

4)Restart the Spotfire server service.
==================================================
Note: CSRF token can be disabled only if not used by external authentication or other External actions like Scheduled updates via web services. https://docs.tibco.com/pub/spotfire_server/7.11.0/doc/html/TIB_sfire_server_tsas_admin_help/GUID-3188EF2A-E7BD-481C-822B-7579B69B0DB9.html
https://docs.tibco.com/pub/spotfire_server/7.11.0/doc/html/TIB_sfire_server_tsas_admin_help/GUID-6E6E5815-5CD1-48E6-9F0B-96541B9FF7C1.html
https://docs.tibco.com/pub/spotfire_server/7.11.0/doc/html/TIB_sfire_server_tsas_admin_help/GUID-AD39E75E-9C03-41A1-A2F1-01363389A398.html

Related articles

Comments

0 comments

Article is closed for comments.