Question

1
Replies
351
Views
Elie Rahal (erahal)
Murex
Senior Product Manager
Murex
LB
erahal Member since 2016 22 posts
Murex
Posted: March 10, 2020
Last activity: March 10, 2020
Posted: 10 Mar 2020 8:50 EDT
Last activity: 10 Mar 2020 12:25 EDT
Closed

403 Forbidden and session crashes for end users

Suddenly yesterday we started facing a problem when users tries to login or comes back to a pervious session.

New users are facing

  • HTTP Status 403 - Forbidden
  • Type Status Report
  • Message : Unable to authorize
  • Description : The server understood the request but refuses to authorize it
  • Apache Tomcat/9.0.31

Users that tries to come back to a previous session:

Gets a blue screen crash : the operation completed successfully, but returned no content

  • Status: good
  • Operator: Unauthenticated or not available
  • Node: No ID available

Our configuration is using a 3 nodes, and the problem is mainly faced by users on node B and Node C. Node A seems to be working fine, and the users who logs into that node do not face the problem. Howvere on Node B and Node C some users did not face the problem at all.

Our PegaRules file shows the following errors:

1st error

Suddenly yesterday we started facing a problem when users tries to login or comes back to a pervious session.

New users are facing

  • HTTP Status 403 - Forbidden
  • Type Status Report
  • Message : Unable to authorize
  • Description : The server understood the request but refuses to authorize it
  • Apache Tomcat/9.0.31

Users that tries to come back to a previous session:

Gets a blue screen crash : the operation completed successfully, but returned no content

  • Status: good
  • Operator: Unauthenticated or not available
  • Node: No ID available

Our configuration is using a 3 nodes, and the problem is mainly faced by users on node B and Node C. Node A seems to be working fine, and the users who logs into that node do not face the problem. Howvere on Node B and Node C some users did not face the problem at all.

Our PegaRules file shows the following errors:

1st error

2020-03-10 13:24:58,161 [ http-nio-80-exec-22] [  STANDARD] [                    ] [                    ] (taencryption.DecryptionHandler) ERROR   - Failed to decrypt com.pega.pegarules.pub.PRRuntimeException: Failed to get data key for system data     at com.pega.pegarules.exec.internal.crypto.dataencryption.DataKeyProvider.getSystemDataKey(DataKeyProvider.java:239) ~[prprivate.jar:?]

2nd Error

2020-03-10 13:24:58,161 [ http-nio-80-exec-22] [  STANDARD] [                    ] [                    ] (.SessionCookieRequestConverter) ERROR   - Invalid Pega-RULES cookie value.

The network, load balancer and tomcat teams ruled out the problem from infrastructure. Problem being faced on all browser types

Any idea what could be the root cause?

Thanks

Pega Platform 8.2.1 Case Management Financial Services Product Owner
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.