IBM Support

DPR-ERR-2079 Firewall Security Rejection. Your request was rejected by
the security firewall.

Troubleshooting


Problem

Firewall error occurs in Cognos Portal (Administration/ Connection) when selecting "Set Properties" or "More"

Symptom

DPR-ERR-2079 Firewall Security Rejection. Your request was rejected by
the security firewall.

CAF rejection details are available in the log. Please contact your
administrator.

Cause

Customer has CAF enabled and has URLs in Valid domains and hosts

Environment

Single or Distributed environment with CAF enabled

Diagnosing The Problem

In cogserver:
Trace.caf.validator no CAF cookie - no backup passports to check signature caf TRACE
10.116.163.152:32120 27405 2015-04-29 07:39:55.948 -5 WebContainer : 5 caf 2047 1 Audit.dispatcher.caf Request Failure check signature failed: string => 397307|ps
10.116.163.152:32120 27405 2015-04-29 07:39:55.948 -5 WebContainer : 5 caf 2047 1 Audit.dispatcher.caf Request Failure check signature failed: hmac => AhQAAABWXMjFZov39wS0Eb4ffq2Ep9neVgcAAABTSEEtMjU2IAAAAG0HIw59gowPQIiy*6H5D5R4F8Wv-eSX*6TlFjOOvoQ6
10.116.163.152:32120 27405 2015-04-29 07:39:55.948 -5 WebContainer : 5 caf 2047 1 Audit.dispatcher.caf Request Failure check signature failed: passport => null
10.116.163.152:32120 27405 2015-04-29 07:39:55.948 -5 WebContainer : 5 caf 2047 1 Audit.dispatcher.caf Request Failure check signature failed: salted => true
10.116.163.152:32120 27405 2015-04-29 07:39:55.948 -5 WebContainer : 5 caf 2047 1 Audit.dispatcher.caf Request Failure unwrap and check signature failed: web64 decoded value => CAFA6000000009AhQAAABWXMjFZov39wS0Eb4ffq2Ep9neVgcAAABTSEEtMjU2IAAAAG0HIw59gowPQIiy*6H5D5R4F8Wv-eSX*6TlFjOOvoQ6397307|ps
10.116.163.152:32120 27405 2015-04-29 07:39:55.948 -5 WebContainer : 5 caf 2047 1 Audit.dispatcher.caf Request Failure context id signature check failed: unwrap context id =>
10.116.163.152:32120 27405 2015-04-29 07:39:55.948 -5 WebContainer : 5 caf 2047 1 Audit.dispatcher.caf Request Failure invalid context id: context id =>

Resolving The Problem

1. Go to Cognos Configuration
2. Click Actions -> Edit Global Configuration...
3. For "Domain" section please add domain for example ".ca.ibm.com"
*'.' at beginning must be placed
Restart services.

[{"Product":{"code":"SSEP7J","label":"Cognos Business Intelligence"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Cognos Administration","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"10.2.1","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]

Document Information

Modified date:
15 June 2018

UID

swg21903072

Page Feedback