Skip to main content

This content has been archived and is no longer being updated. Links may not function; however, this content may be relevant to outdated versions of the product.

Support Article

URLAccessModeWarn:URLAccessPermitted warning in logs

SA-21378

Summary



Pega 7.1.9 users see a warning in the logs when creating a new work object.

Following the solution documented in SA-18009 (for Pega 7.1.8),
https://pdn.pega.com/support-articles/csrfattack-warning-message-repeats-pegarules-logfile, the users specified the Dynamic System Setting (DSS) prconfig/security/urlaccessmode Value=allow, but the warning persists.


Error Messages

2016-03-12 11:39:22,299 [ tomcat-http--3] [TABTHREAD7] [ ] [ Application] ( mgmt.util.URLAccessContext) WARN ,<ip1>|<ip2>- URLAccessModeWarn:URLAccessPermitted URLAccessDetail ActionTampered Actual Fixed Param-Value : key=<key1> Expected Param-Value : key=<key2>

Steps to Reproduce

  1. Create a new work object.
  2. Observe the warning in the log.
  3. Check to ensure that the Pega-Engine DSS is specified as prconfig/security/urlaccessmode Value=allow.
  4. Observe that the warning persists in the log.


Root Cause



A software use or operation error

Resolution



Here’s the explanation for the reported behavior:
The DSS was specified incorrectly because it did not include /default in the Setting Purpose.

The Pega-Engine DSS Setting Purpose should be specified as prconfig/security/urlaccessmode/default with the value as Allow.
Owning Ruleset : Pega-Engine
Setting Purpose : security/urlaccessmode/default
Value : Allow

Restart the server for this change to take effect.

Related Content
https://pdn.pega.com/secu0008-alert-cross-site-forgery-attack-detected-and-blocked/secu0008-alert-cross-site-forgery
https://pdn.pega.com/configuring-csrf-protection/configuring-csrf-protection
Suggest Edit

Published July 5, 2017 - Updated October 8, 2020

Did you find this content helpful? Yes No

33% found this useful

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.

We'd prefer it if you saw us at our best.

Pega Community has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice
Contact us