Empty crowd.token_key cookie in response header and failed authentication.
This problem most likely occurs when ihtsdo-tools application has been authorized but user may not be part of crowd directory or group which has access to ihtsdo-tools application. To resolve this error user should be assigned to group or a directory which has access to an ihtsdo-tools application.
Error "Client with address '127.0.0.1' is forbidden from making requests to application 'ihtsdo-tools'" while attempting authentication from any IHTSDO tools application.
This problem is due to nginx - crowd's tomcat topology. To resolve this ithtsdo-tools application settings inside Crowd must have following allowable remote addresses beside other known remote ips.
Also Crowd support CIDR so if required allowable remote address should be configured accordingly.
How to enable logging in crowd
To trouble shoots any authorization error which may not be obvious in general debugging, Crowd debug log can be enabled from logging/profiling options
https://dev-crowd.ihtsdotools.org/crowd/console/secure/admin/loggingProfiling.action . Logs are stored in {crowd installation directory}/apache-tomcat/logs
Related articles appear here based on the labels you select. Click to edit the macro and add or change labels.
|