• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

Coldfusion 2018 Update 12 403 forbidden error

Explorer ,
Sep 24, 2021 Sep 24, 2021

Copy link to clipboard

Copied

We updated Coldfusion 2018 from Update 11 to 12 this week (including query of query hotfix by the Coldfusion Support) and after this some of our servers were not reachable any more (we had to roll back as these are productive servers).

Tomcat outputs HTTP Status 403 - Forbidden.

I searched in the forum and found entries about Update 8 leading to such an error.

But we had installed coldfusion 2018 incl. Update 10 in the beginning and updated to 11 since. So I presume this must be another problem.

Is there any known problem with the current Update 12 and Tomcat?

Views

1.6K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

Adobe Employee , Sep 24, 2021 Sep 24, 2021

Hi @elisabethf82215657 ,

 

Once you apply the hotfix, make sure to re-create the connector. Becase there is a new property added after update 7. In case, it is not matching the secret key, it will throw 403 error. 

 

If you have already done the connector and still getting the error, then check the server.xml(\ColdFusion2018\{instance}\runtime\conf) and then search for "secret". In the same line if you have both "secret" and "requiredsecret", please remove the requiredsecret entry and restart th

...

Votes

Translate

Translate
Community Expert ,
Sep 24, 2021 Sep 24, 2021

Copy link to clipboard

Copied

I haven't heard of any problem with Update 12 and Tomcat. In fact the upgrade from Update 11 to Update 12 includes a Tomcat upgrade from version 9.0.41 to 9.0.50.

 

Did you upgrade the connectors after installing Update 12? I think that that is the most likely cause of the 403 - Forbidden response.

 

See this similar discussion: https://community.adobe.com/t5/coldfusion-discussions/403-forbidden-access-after-installing-update-1... 

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Employee ,
Sep 24, 2021 Sep 24, 2021

Copy link to clipboard

Copied

Hi @elisabethf82215657 ,

 

Once you apply the hotfix, make sure to re-create the connector. Becase there is a new property added after update 7. In case, it is not matching the secret key, it will throw 403 error. 

 

If you have already done the connector and still getting the error, then check the server.xml(\ColdFusion2018\{instance}\runtime\conf) and then search for "secret". In the same line if you have both "secret" and "requiredsecret", please remove the requiredsecret entry and restart the server. It will fix the issue.

 

Thanks,
Priyank Shrivastava

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Sep 24, 2021 Sep 24, 2021

Copy link to clipboard

Copied

Thanks, Priyank.  I experienced the same issue.  This resolved it for me.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Oct 18, 2021 Oct 18, 2021

Copy link to clipboard

Copied

FWIW, the two next CF2018 HF12 updates that I ran did not have this problem.  They installed without issue.

 

The only obvious differences between the three servers was that the first one that had the 403 issue ran the Developer's edition and the later ones that worked w/o issue were both running Enterprise edition.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Explorer ,
Sep 27, 2021 Sep 27, 2021

Copy link to clipboard

Copied

Thanks a lot! This also resolved the problem for us!

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Explorer ,
Oct 04, 2021 Oct 04, 2021

Copy link to clipboard

Copied

Had the same issue on 2 separate ColdFusion 2018 installations. This was the solution. Thank you!

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Oct 18, 2021 Oct 18, 2021

Copy link to clipboard

Copied

As for all those reporting that removing the requiredSecret fixed things, since that's not there for most people, I'd love to help everyone to know how and when it WOULD be there. I don't suspect most of you PUT it there (when it was being ignored before these latest updates), though that's possible of course.

 

Instead, for those of you who did not PUT that attribute there, could it be that you ran the CF AutoLockdown tool (which was new with CF2018, an optional tool to make CF and your server more secure)? Could it be that THAT put it there--and again it lurked unnoticed until this latest update?

 

Also, those of you who had the problem on "some servers and not others", might it be that you ran the autolockdown tool on some but not all servers?

 

I realize we won't hear from everyone here, but I thought it worth asking--because this problem does not happen to most folks, just those who have that requiredSecret attribute (not to be confused with secretRequired).


/Charlie (troubleshooter, carehart.org)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Explorer ,
Oct 18, 2021 Oct 18, 2021

Copy link to clipboard

Copied

The "2" 2018 servers that gave me issues had the lockdown tool installed. I believe that was the issue.

 

This issue did not occur on a 2021 server that had the lockdown tool installed though. It only happened on the 2018 versions.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Oct 18, 2021 Oct 18, 2021

Copy link to clipboard

Copied

Interesting. Thanks. 🙂 Let's see how others may report. 


/Charlie (troubleshooter, carehart.org)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Beginner ,
Oct 22, 2021 Oct 22, 2021

Copy link to clipboard

Copied

Thanks, Charlie. My short answer is that I'm not sure whether that's the case with the one on which I had to make the change. 🙂

 

We're not using the lockdown tool, but had tried it out early on, probably on all three of the servers.  We run Enterprise on our dev server to ensure that it has the same features that the apps will have in production.  

 

The server where I had the issue was my test server where I can try stuff out before I implement on the dev and prod servers.  I probably tried the lockdown tool on that while it still had a CF trial license.  So it's a possibility that it was a leftover from that.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Oct 22, 2021 Oct 22, 2021

Copy link to clipboard

Copied

LATEST

Thanks for the update, Phil. 


/Charlie (troubleshooter, carehart.org)

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation