RSA Identity Governance and Lifecycle Review Details link ($reviewDetailURL) in Reviewer Email gets "The request could not be handled" error
2 years ago
Originally Published: 2017-02-09
Article Number
000040193
Applies To
RSA Product Set: Identity Governance & Lifecycle 
RSA Version/Condition: 7.0.2, 7.1.0

 
Issue
For a Group Review, when the Review becomes active, emails (via event templates) are sent to Reviewers. For these emails, the {$reviewDetailURL} variable has been configured in the email template. As a result, the generated URL may look like this: 
  However, when the Reviewer clicks on the link, the following error is returned:
 
The request could not be handled
 

User-added image

The following message may also be found in the aveksaServer.log. 
02/02/2017 18:31:08.174 WARN (default task-55) [com.aveksa.gui.core.GuiFramework] 
No CSRF guard token was found in the submitted request. 
This may indicate an attack on the server. Request is blocked.
Cause
This is a known issue reported in engineering ticket ACM-72056. The problem is the bad formulation of the reviewDetailURL variable for the email template.  
Resolution
This issue is resolved in the following RSA Identity Governance & Lifecycle patches:
  • RSA Identity Governance & Lifecycle 7.0.2 P08
  • RSA Identity Governance & Lifecycle 7.1.0 P01
Workaround
Manually substitute the bad PageID value in the URL by changing the text UserReviewSummaryWizard to GroupReviewSummaryWizard, as shown below. Change

FROM:
TO:

Related Articles

Trending Articles

Don't see what you're looking for?