403 Forbidden and session crashes for end users
Suddenly yesterday we started facing a problem when users tries to login or comes back to a pervious session.
New users are facing
- HTTP Status 403 - Forbidden
- Type Status Report
- Message : Unable to authorize
- Description : The server understood the request but refuses to authorize it
- Apache Tomcat/9.0.31
Users that tries to come back to a previous session:
Gets a blue screen crash : the operation completed successfully, but returned no content
- Status: good
- Operator: Unauthenticated or not available
- Node: No ID available
Our configuration is using a 3 nodes, and the problem is mainly faced by users on node B and Node C. Node A seems to be working fine, and the users who logs into that node do not face the problem. Howvere on Node B and Node C some users did not face the problem at all.
Our PegaRules file shows the following errors:
1st error
Suddenly yesterday we started facing a problem when users tries to login or comes back to a pervious session.
New users are facing
- HTTP Status 403 - Forbidden
- Type Status Report
- Message : Unable to authorize
- Description : The server understood the request but refuses to authorize it
- Apache Tomcat/9.0.31
Users that tries to come back to a previous session:
Gets a blue screen crash : the operation completed successfully, but returned no content
- Status: good
- Operator: Unauthenticated or not available
- Node: No ID available
Our configuration is using a 3 nodes, and the problem is mainly faced by users on node B and Node C. Node A seems to be working fine, and the users who logs into that node do not face the problem. Howvere on Node B and Node C some users did not face the problem at all.
Our PegaRules file shows the following errors:
1st error
2020-03-10 13:24:58,161 [ http-nio-80-exec-22] [ STANDARD] [ ] [ ] (taencryption.DecryptionHandler) ERROR - Failed to decrypt com.pega.pegarules.pub.PRRuntimeException: Failed to get data key for system data at com.pega.pegarules.exec.internal.crypto.dataencryption.DataKeyProvider.getSystemDataKey(DataKeyProvider.java:239) ~[prprivate.jar:?]
2nd Error
2020-03-10 13:24:58,161 [ http-nio-80-exec-22] [ STANDARD] [ ] [ ] (.SessionCookieRequestConverter) ERROR - Invalid Pega-RULES cookie value.
The network, load balancer and tomcat teams ruled out the problem from infrastructure. Problem being faced on all browser types
Any idea what could be the root cause?
Thanks