Skip to main content

The Universal GUI don't show any lookup values in grid and shows POST 403 (Forbidden) error. Can someone explain what's the problem here and how to fix it? 

 

 

No error log in Microsoft Azure Application Insights

 

Hi Dennis,

Could it be that the lookup display column is Hidden/Unauthorized or that the user doesn't have sufficient rights to see the display column? Not entirely sure that matters but it's a good starting point.

Hello Dennis,

The /$query request itself should actually never return a 403 Forbidden response, unless:

  • You have reached the maximum number of concurrent sessions for the logged in user on that application (this is configured in IAM). If this is the case, you will find an error in Indicium's error log stating that the application claim could not be acquired.
  • There is a licensing issue. If this is the case, you will find an error in Indicium’s error log stating that the license is invalid and what’s wrong with it.

Could you please take a look at Indicium's error log to see if this is indeed the case?

I hope this helps.

Hi Mark & Vincent,

@Mark Jongeling, the user is an user with Windows Authentication and all_rights. 

@Vincent Doppenberg,

  • We don't have configured the Max. #session for the envoirement where the issue occurs.
  • No licensing issue found in the Indicium log file. 
   @max_concurrent_sessions_per_account = null

Oddly enough the indicium log does not return a 403 error at all. I've configured our appsettings.json with log level "Debug”. This is the deepest level Indicium supports right? Trace in my opinion is the deepest level but not for Indicium?

Log level "Debug”

 

Hello Dennis,

It is possible that the Forbidden response doesn’t come from Indicium but rather from a firewall or proxy that is overeager with blocking requests that contain certain keywords, such as ‘query’. Since it looks like only the /$query requests return forbidden, it seems likely that this is the case.

I’ve seen this happen before where firewalls block requests because the URL contains an arbitrary keyword. Please check if there are any firewalls between the Universal GUI and Indicium and which rules they apply to URLs.

I hope this helps.

 

 

Hello Vincent,

You were right that we should look for the problem in the firewall. The /$query requests where blocked by the HTTP policy of our firewall. Disabling this option is the solution (for now). 

Sophos Firewall - HTTP policy

 

Terms & ConditionsCookie settings