Problem
Empty crowd.token_key cookie in response header and failed authentication.
Solution
This problem most likely occurs when ihtsdo-tools application has been authorized but user may not be part of crowd directory or group which has access to ihtsdo-tools application. To resolve this error user should be assigned to group or a directory which has access to an ihtsdo-tools application.
Problem
Error "Client with address '127.0.0.1' is forbidden from making requests to application 'ihtsdo-tools'" while attempting authentication from any IHTSDO tools application.
Solution
This problem is due to nginx - crowd's tomcat topology. To resolve this ithtsdo-tools application settings inside Crowd must have following allowable remote addresses beside other known remote ips.
- localhost
- 127.0.0.1
- <machine-name>.local
Also Crowd support CIDR so if required allowable remote address should be configured accordingly.
Problem
How to enable logging in crowd
Solution
To trouble shoots any authorization error which may not be obvious in general debugging, Crowd debug log can be enabled from logging/profiling options
https://dev-crowd.ihtsdotools.org/crowd/console/secure/admin/loggingProfiling.action . Logs are stored in {crowd installation directory}/apache-tomcat/logs