000034857 - Advanced Workflow has unsaved changes. Please save or revert warning message trying to Save Workflow in RSA Archer

Document created by RSA Customer Support Employee on Mar 3, 2017Last modified by RSA Customer Support on Jul 1, 2019
Version 7Show Document
  • View in full screen mode

Article Content

Article Number000034857
Applies ToRSA Product Set: Archer
RSA Version/Condition: 6.x
IssueWhen trying to save a workflow (Creating a new one or save an already existing one) after clicking the Save Workflow button nothing happens. Normally you will find the processed saved pop up like the example below.
User-added image

However when you click save workflow you do not see this message. Then when you click Save or apply for the application/questionnaire you receive the following error:

Advanced Workflow has unsaved changes.  Please save or revert.

User-added image

When getting this error run Browser Developer Tools (usually the F12 key) before clicking Save or pply of the application and capture the network traffic of the click of save. You will see the information below and specifically note the PUT method 404 failure.
User-added image

This does not provide much information on why the Save is failing, so you should set up a trace to capture more information. Enabling a module in IIS called the Failed Request Tracing module can help get more details on why IIS isn't able to route certain requests. You can install it by following the steps below:

  1. From a Windows Server go to Server Manager and select Web Server (IIS)" Role >
  2. Select Add Role Service.
  3. Select Tracing" under Health and Diagnostics. Click Yes to allow it to install the module.
  4. From the top level node in the IIS Manager, select View Sites from the Actions pane to the right.
  5. Select the Default Web Site, and under the Configure section in the Actions pane to the right choose Failed Request Tracing... 
  6. Enable the module and note the path to which it logs.
  7. Go back to the Default Website in IIS, and there should be a new icon for Failed Request Tracing.
  8. From that icon select the particular error codes about which you want more information.
  9. Retry the test URL and see if it gives you more information

Pluralsight provides a step-by-step guide on Troubleshooting IIS 7: Examining Trace Failed Request Logs with steps on setting up failed request tracing.

After configuring the trace, reproduce the error message so that it is captured. Navigate to the logging directory of the trace and you will see all of the files. Open the latest file and you will see the entry for the failed request. It will be like the example shown:
2017-02-20 07:45:42 PUT /RSAarcher/workpoint/rest/processes.svc/1003-CUST _dc=1487576742752&refresh=true&replace=false&checkSyntax= 80 - Mozilla/5.0+(Windows+NT+6.3;+WOW64;+Trident/7.0;+rv:11.0)+like+Gecko http://localhost/RSAarcher/apps/ArcherAWF/AppClientArchitectDesktop/Home.aspx? features=%7b%22database%22%3a%22DEVELOPMENT%22%2c%22defaultNode%22%3a%22start%22%2c%22disableActivityNode%22%3atrue%2c%22disableAutomatedNode%22%3atrue%2c%22disableDelayNode%22%3atrue%2c%22disableNodeTemplateNode%22%3atrue%2c%22disableServerAutomatedNode%22%3atrue%2c%22disableSplitNode%22%3atrue%2c%22disableSubProcessNode%22%3atrue%2c%22disableTranTemplate%22%3atrue%2c%22header%22%3afalse%2c%22jobToolbar%22%3afalse%2c%22processId%22%3a%221003:CUST%22%2c%22processProperties%22%3atrue%2c%22processTabbar%22%3afalse%2c%22processToolbar%22%3atrue%2c%22processToolbox%22%3a2%2c%22username%22%3a%22883FA3201CF350EBA977AE46EB3EB69C%22%7d&appId=102&levelId=62&taskManagementEnabled=True&levelGUID=b085b230-e20f-41df-a849-f5d6811447ea 404 6 0 0

At the end of the entry you will see 404 6 0 0 and this message is specifically Verb denied. When request filtering blocks an HTTP request because of a denied HTTP verb, IIS will return an HTTP 404 error to the client and log the following HTTP status with a unique substatus that identifies the reason that the request was denied.
CauseThis issue occurs when server hardening is in place which was configured to only allow certain verbs.

The configuration is the same as shown here:
User-added image
ResolutionAs you can see from the image above, the PUT verb has not been added to the list of allowed verbs. When restricting verbs on the server you will need to add four verbs so that RSA Archer functions as expected. The following verbs need to be added with an allowed status set to True:
  • GET
  • POST
  • PUT
When all verbs have been added it will look like the image below:

User-added image

If you don't wish to list all the verbs within the HTTP verbs tab, you can edit feature settings.
User-added image

Look at the second check box shown in the image above. If it is checked, there is no need to add the verbs in the  HTTP Verbs tab. If it is unchecked, then you must add these in HTTP Verbs tab.

If the above steps do not resolve the issue, make sure that WebDav publishing is disabled on the server level. 
The steps to do this can be found in article 000032507 - Advanced Workflow Activation and Record Enrollment Problems in RSA Archer 6.0.