Unable to Save Junk Notification Filter
Issue:
- Unable to save the Junk Notification Filter due to the CSRF parameter being passed twice in the payload.
- A 400 error occurs when attempting to save the configuration.
- The issue will occur only from 14820.
Issue ID : SD-123127
Screenshot:
Error Trace:
[12:07:28:020]|[08-12-2024]|[com.manageengine.servicedesk.filter]|[INFO]|[124]: RequestURI ::: /FilterDef.do, method ::: POST , action rule path ::: /FilterDef.do , actionParamName ::: mode; , actionParamValue ::: save , PORTALID ::: 1|
[12:07:28:024]|[08-12-2024]|[com.adventnet.iam.security.ParameterRule]|[SEVERE]|[124]: The parameter "sdpcsrfparam" for the URL "/FilterDef.do" is more than the maximum occurances configured in the param rule :
ParameterRule :: paramName : "sdpcsrfparam" index : "null" paramNameInRegex : "null" allowedValueRegex : "csrf_cookie_value" minLength : "0" maxLength : "200" minOccurrences : "0" maxOccurrences : "1" isParamNameInRegex : "false" dataType : "null" xssValidation : "null" decrypt : "false" trim : "null" secret : "true" Range : "null" defaultValue : "null" template : "null" xmlSchemaValidation : "false" xmlSchemaName : "null" arraySize : "0-10" allowEmpty : "null"|
[12:07:28:027]|[08-12-2024]|[com.adventnet.iam.security.IAMSecurityException]|[INFO]|[124]: IAMSecurityException ErrorCode: MORE_THAN_MAX_OCCURANCE, RequestURI: "/FilterDef.do", RemoteAddr: "127.0.0.1", Referrer: "https://localhost:8080/FilterDef.do?****", ParameterName: "sdpcsrfparam", No Of Occurance: "2", Parameter Rule: "ParameterRule :: paramName : "sdpcsrfparam" index : "null" paramNameInRegex : "null" allowedValueRegex : "csrf_cookie_value" minLength : "0" maxLength : "200" minOccurrences : "0" maxOccurrences : "1" isParamNameInRegex : "false" dataType : "null" xssValidation : "null" decrypt : "false" trim : "null" secret : "true" Range : "null" defaultValue : "null" template : "null" xmlSchemaValidation : "false" xmlSchemaName : "null" arraySize : "0-10" allowEmpty : "null""|
[12:07:28:027]|[08-12-2024]|[com.adventnet.iam.security.SecurityFilter]|[SEVERE]|[124]: IAMSecurityException Error Code : MORE_THAN_MAX_OCCURANCE |
Fix:
Replace the provided jar in the attached zip file to address the issue. Here, the CSRF parameter is passed only once, which resolves the issue.
Note:
Before applying the jar file, kindly verify its compatibility in the "Jar Compatibility" section below.
Steps to apply the fix:
- Download the attached zip file and extract it.
- Navigate to <SDP_Home>\lib and move the existing "SDJSPClasses.jar" file out of SDP installation folder. Then, place the 'SDJSPClasses.jar' file extracted from the zip.
- Restart the application service.
- If the issue occurs again, recreate the issue, then immediately zip the logs (<SDP_Home>\logs folder. For eg: C:\Program Files\ManageEngine\ServiceDesk\logs folder) with full screenshot of the error received in the browser and share it with us for analysis. If the size of the log file is huge, you can send it to us using our FTP link https://bonitas2.zohocorp.com/. Select the product as "ServiceDesk Plus" and provide the proper ticket number.
Jar Compatibility:
Build | Compatible Jar |
14820 | 14820_SDJSPClasses.zip |
New to ADSelfService Plus?
Related Articles
Jar to save criteria in Junk Notification Filter (Admin->Notification Rules)
Problem: Unable to save criteria in Junk Notification Filter ( Admin -> Notification Rules ) Jar is For? The attached fix fjar is to save criteria in Junk Notification Filter. Applicable SDP version : 10502Unable to save Preventive maintenance tasks
Issue: Unable to update just one PM task with more than 300 tasks. When tried to save the PM task, it simply throws "User does not have sufficient privilege". Cause: By default we would have restricted for these many tasks added in PM task. We can ...Unable to save/edit Incident Templates
If you happen to see issue while editing an existing incident template, or error while saving new incident template created with the below error, (INVALID_CSRF_TOKEN) Then get the server.xml from the MSP\conf folder and make the below changes, ...Assign Technician for the unassigned requests using Notification Custom Function
Requirement: When a technician addresses an unassigned request, the corresponding ticket is automatically assigned to that technician. Steps to configure: 1. Download the attached scripts. Copy the contents into Notification custom functions. 2. Goto ...Technician notification based on the site
This KB will help you to get the notification about based on the site to a technician. Please follow the below instructions. Please navigate to Admin >> Request timer action >> Add new timer action. Please configure the below in the application. ...