erahal Member since 2016 22 posts
Posted: March 10, 2020
Last activity: March 10, 2020

403 Forbidden and session crashes for end users

Suddenly yesterday we started facing a problem when users tries to login or comes back to a pervious session.

New users are facing

  • HTTP Status 403 - Forbidden
  • Type Status Report
  • Message : Unable to authorize
  • Description : The server understood the request but refuses to authorize it
  • Apache Tomcat/9.0.31

Users that tries to come back to a previous session:

Gets a blue screen crash : the operation completed successfully, but returned no content

  • Status: good
  • Operator: Unauthenticated or not available
  • Node: No ID available

Our configuration is using a 3 nodes, and the problem is mainly faced by users on node B and Node C. Node A seems to be working fine, and the users who logs into that node do not face the problem. Howvere on Node B and Node C some users did not face the problem at all.

Our PegaRules file shows the following errors:

1st error

2020-03-10 13:24:58,161 [ http-nio-80-exec-22] [  STANDARD] [                    ] [                    ] (taencryption.DecryptionHandler) ERROR   - Failed to decrypt Failed to get data key for system data     at com.pega.pegarules.exec.internal.crypto.dataencryption.DataKeyProvider.getSystemDataKey( ~[prprivate.jar:?]

2nd Error

2020-03-10 13:24:58,161 [ http-nio-80-exec-22] [  STANDARD] [                    ] [                    ] (.SessionCookieRequestConverter) ERROR   - Invalid Pega-RULES cookie value.

The network, load balancer and tomcat teams ruled out the problem from infrastructure. Problem being faced on all browser types

Any idea what could be the root cause?


Pega Platform 8.2.1 Case Management Financial Services Product Owner
Share this page LinkedIn