API Tester URL directs to console login page

Troubleshooting

Problem

When launching the API tester web url, the foundation console login screen will be displayed instead

Symptom

Using Internet Explorer, when launching the API tester web url http://IP:PORT/smcfs/yfshttpapi/yantrahttpapitester.jsp the foundation console login screen will be displayed instead. This happens anytime the Application Console has been accessed already. There is also an error thrown in the console when this happens.
<Errors>
<Error
ErrorCode="exception in authenticating csrf token :/smcfs/yfshttpapi/yantrahttpapitester.jsp"
ErrorDescription="Error description not available" ErrorRelatedMoreInfo="">
<Attribute Name="ErrorCode" Value="exception in authenticating csrf token :/smcfs/yfshttpapi/yantrahttpapitester.jsp"/>
<Attribute Name="ErrorDescription" Value="Error description not available"/>
<Stack>com.yantra.yfc.util.YFCException
at com.sterlingcommerce.security.csrf.SCUIcsrfFilter.handleErrors(SCUIcsrfFilter.java:94)
at com.sterlingcommerce.security.csrf.SCUIcsrfFilter.doFilter(SCUIcsrfFilter.java:69)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at com.sterlingcommerce.woodstock.security.CrossFrameProtectionFilter.doFilter(CrossFrameProtectionFilter.java:39)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at com.sterlingcommerce.woodstock.security.UserAuthenticationFilter.doFilter(UserAuthenticationFilter.java:107)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3723)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3689)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2285)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2184)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1459)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
</Stack>
</Error>
</Errors>

Cause

When Application Console and HTTP API tester with same context root are both launched, the session gets shared. If API tester is launched after Application Console, this request which does not have a CSRF token set gets invalidated against the CSRF token set in the session when Application Console was launched.

Resolving The Problem

The API tester can be launched in new session of the browser. Click File > New Session. After using the console, always log out first. Next time, open the browser to access the API tester alone.

[{"Product":{"code":"SS6PEW","label":"IBM Sterling Order Management"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Component":"Installation","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"9.2.1;9.2","Edition":"All Editions","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]

Product Synonym

SSFS

Was this topic helpful?

Document Information

Modified date:
16 June 2018

UID

swg21601326

Tips