Login issues on XPERTrak after upgrading to 2.1.3

Document created by viavisupport on Aug 16, 2019
Version 1Show Document
  • View in full screen mode
Resolution
In order to solve this issues, edit this file:
 
C:\Program Files\Viavi Solutions\XPERTrak 2.1\tomcat\webapps\pathtrak\WEB-INF\web.xml
 
This is what is there by default:
 
<filter>
        <filter-name>CorsFilter</filter-name>
        <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
        <init-param>
            <param-name>cors.allowed.origins</param-name>
            <param-value>http://localhost:3000,http://localhost:5000</param-value>
        </init-param>
 
Add this, save and restart Tomcat. à https://xxxx.xxxx  (Change it accordingly to your settings http or https and xxxx.xxxx is your URL)
 
<filter>
    <filter-name>CorsFilter</filter-name>
    <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
    <init-param>
        <param-name>cors.allowed.origins</param-name>
        <param-value>http://localhost:3000,http://localhost:5000, https://xxxx.xxxx</param-value>
    </init-param>
 
Tomcat restart is required after the edit.
 
The reason this is required in now is we have always expected people using reverse proxy servers to use AJP from the proxy to the XPT server.  In 2.0 we allowed ALL cross-origin http access from the proxy to server because we thought no one was using it.  To decrease possible cross-origin access we removed basically an asterisk (*) from that line which, unless the proxy URL was identical to the server URL, it would be blocked.  Again, we expected everyone was using AJP not http.  Adding that URL into the file allows that URL to access.  Kind of like a white-list.
 
We still recommend AJP.  It is much more secure.
 
Alfredo Fierro
EMEA TAC

Attachments

    Outcomes