000017797 - HTTP ERROR 403 due to 'Bad or missing CSRF token' in RSA Security Analytics

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support on Sep 26, 2019
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000017797
Applies ToRSA Product Set: Security Analytics
RSA Product/Service Type: Security Analytics Server
Platform: CentOS
IssueHTTP ERROR 403 due to "Bad or missing CSRF token" in RSA Security Analytics.
RSA Security Analytics is experiencing component type serialization issues.

Error message similar to the following is encountered: 




HTTP ERROR 403
Problem accessing /error/error.html.
Reason:  Bad or missing CSRF token
 


Error message similar to the following is encountered:




org.springframework.dao.InvalidDataAccessApiUsageException: Unknown name value for enum class
com.netwitness.platform.server.common.domain.model.ComponentType: REPORTING; nested exception is
java.lang.IllegalArgumentException: Unknown name value for enum class
com.netwitness.platform.server.common.domain.model.ComponentType: REPORTING
at
org.springframework.orm.jpa.EntityManagerFactoryUtils.convertJpaAccessExceptionIfPossible(EntityManagerFactoryUtils.java:at
org.springframework.orm.jpa.DefaultJpaDialect.translateExceptionIfPossible(DefaultJpaDialect.java:120)
at
org.springframework.dao.support.DataAccessUtils.translateIfNecessary(DataAccessUtils.java:213)
at org.springframework.orm.jpa.JpaAccessor.translateIfNecessary(JpaAccessor.java:155)
at org.springframework.orm.jpa.JpaTemplate.execute(JpaTemplate.java:192)
at org.springframework.orm.jpa.JpaTemplate.merge(JpaTemplate.java:275)
at com.rsa.netwitness.carlos.db.dao.AbstractDAO.update(AbstractDAO.java:357)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:318)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
at
org.springframework.dao.support.PersistenceExceptionTranslationInterceptor.invoke(PersistenceExceptionTranslationInterceptor.at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at
org.springframework.transaction.interceptor.TransactionInterceptor.invoke(TransactionInterceptor.java:110)
at
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
at org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
at $Proxy90.update(Unknown Source)
at
com.netwitness.platform.server.common.auth.SuccessfulAuthenticationHandler.handleSHA256Migration(SuccessfulAuthenticationHandler.at
com.netwitness.platform.server.common.auth.SuccessfulAuthenticationHandler.onAuthenticationSuccess(SuccessfulAuthenticationHandler.at
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.successfulAuthenticationbstractAuthenticationProcessingFilter.at
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.successfulAuthentication(AbstractAuthenticationProcessingFilter.at
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.at
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:334)

CauseThis issue is caused by a change to the ComponentType enum.
Resolution

In order to manually fix the issue the database must be updated.  To resolve the issue, connect to the SA server appliance via SSH and issue the commands below in the following order:




# stop jettysrv

# cd /var/lib/netwitness/uax/db

# cp platform.h2.db platform.h2.db.backup

# wget http://repo1.maven.org/maven2/com/h2database/h2/1.2.147/h2-1.2.147.jar

# java -cp h2-1.2.147.jar org.h2.tools.Shell -url jdbc:h2:file:platform



The commands above will connect you to the SQL database, then you need to issue the SQL commands below in the following order:




sql> UPDATE DASHBOARD SET COMPONENTTYPE = 'REPORTER' WHERE COMPONENTTYPE = 'REPORTING';

sql> UPDATE DASHBOARD SET COMPONENTTYPE = 'ALERTER' WHERE COMPONENTTYPE = 'ALERTING';

sql> exit
Wait for 'Connection closed'

# start jettysrv



If this does not solve your issue, please open a case with RSA Technical Support and reference this article so that we may better assist you.

Legacy Article IDa65376

Attachments

    Outcomes