We have a strange issue where a direct link from SharePoint to a Cognos TM1 URL causes a 403, however if we refresh or paste-in the link directly it works.
The cause might be related to the leading “http” being stripped-off (see below with the other browsers), however that’s not clear in the raw HTML link or in the Fiddler results:
Any thoughts on a cause/fix?
From a SharePoint menu item:
GET http://server:9510/tm1web/ HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Referer: http://portal/Pages/home.aspx Accept-Language: en-AU User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: server:9510 Connection: Keep-Alive
Result [fail]:
HTTP/1.1 403 Forbidden Server: Apache-Coyote/1.1 Content-Length: 0 Date: Mon, 23 Feb 2015 01:25:29 GMT
Hitting F5/Refresh in the browser after the 403:
GET http://server:9510/tm1web/ HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Accept-Language: en-AU User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Connection: Keep-Alive Host: server:9510 Cookie: JSESSIONID=6A01B8265CC22BD13A9DD46575A6485F; DWRSESSIONID=gIilAwYv2K33Yahd$G7keNo4QKk
Result [works]:
HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Content-Encoding: gzip Content-Type: text/html;charset=UTF-8 Content-Length: 684 Date: Mon, 23 Feb 2015 01:43:40 GMT
Other browsers:
- Chrome also gets a 403 – but doesn’t display leading “http” in URL – this means hitting F5 has no affect:
- Firefox is the same as Chrome:
Our work-around is to use a non-SharePoint web-server with a page to do the redirect (e.g. a HTML META redirect).
We thought the PermissiveXFrameHeaderModule
HTTP Module
could be causing it, but disabling it on our development server still causes the issue.
Additional example:
From a SharePoint
Redirect
page:GET http://portal/Pages/TM1-Redirect.aspx HTTP/1.1 Accept: text/html, application/xhtml+xml, */* Referer: http://portal/Pages/home.aspx Accept-Language: en-AU User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0) Accept-Encoding: gzip, deflate Host: portal Connection: Keep-Alive Cookie: ...
Result #1 – redirect:
HTTP/1.1 302 Found Cache-Control: private, max-age=0 Content-Type: text/html; charset=utf-8 Expires: Sun, 08 Feb 2015 01:45:45 GMT Last-Modified: Mon, 23 Feb 2015 01:45:45 GMT Location: http://server:9510/tm1web/ Server: Microsoft-IIS/8.0 X-SharePointHealthScore: 0 X-AspNet-Version: 4.0.30319 SPRequestGuid: 9664ec9c-9790-10c2-3b44-67b194daa158 request-id: 9664ec9c-9790-10c2-3b44-67b194daa158 SPRequestDuration: 74 SPIisLatency: 0 WWW-Authenticate: Negotiate ... Persistent-Auth: true X-Powered-By: ASP.NET MicrosoftSharePointTeamServices: 15.0.0.4561 X-Content-Type-Options: nosniff X-MS-InvokeApp: 1; RequireReadOnly Date: Mon, 23 Feb 2015 01:45:45 GMT Content-Length: 146 <html><head><title>Object moved</title></head><body> <h2>Object moved to <a href="http://server:9510/tm1web/">here</a>.</h2> </body></html>
Result #2 – [fail – same as above]:
HTTP/1.1 403 Forbidden Server: Apache-Coyote/1.1 Content-Length: 0 Date: Mon, 23 Feb 2015 01:45:45 GMT
Answer
To go around this issue, modify the tm1web_config.xml file like so:
change this
<add key="CrossDomainAccessList" value="" />
to
<add key="CrossDomainAccessList" value="*" />
and restart the Application Server service.
Attribution
Source : Link , Question Author : PeterX , Answer Author : masegaloeh