Question
SRI KRISHNA COLLEGE OF ENGINEERING AND TECHNOLOGY
IN
Last activity: 20 Jun 2023 6:06 EDT
Error corretion
HTTP Status 403 – Forbidden
Type Status Report
Description The server understood the request but refuses to authorize it.
Apache Tomcat/9.0.76
Getting this error while creating a case in customer portal. Please clarify how to clear it.
Updated: 20 Jun 2023 6:06 EDT
Pegasystems Inc.
GB
@HarshiniS16775923 this question has been asked multiple times before on this forum. Please do a key word search.
You will find posts like this one.
The access is tied to the application logic, such as insufficient rights to a resource.
There was an earlier BUG which was supposedly fixed as of 8.6: BAC issue in cosmos while launching child cases (BUG-632253)
The BAC issue occurred when the newcover activity is supported from the theme cosmos and called from addCaseWorkFromActionMenu - it was not registered for BAC . In the later version this bac issue was fixed by registering the new activity NewCovered in pycaseactionparams.
You have not provided your Pega version but it might be important. See article Verifying requests when using custom controls (the older version documentation can be found here.)
Please follow the suggested steps in the documentation:
Troubleshoot and mitigate your broken access controls to resolve your application’s BAC issues.
@HarshiniS16775923 this question has been asked multiple times before on this forum. Please do a key word search.
You will find posts like this one.
The access is tied to the application logic, such as insufficient rights to a resource.
There was an earlier BUG which was supposedly fixed as of 8.6: BAC issue in cosmos while launching child cases (BUG-632253)
The BAC issue occurred when the newcover activity is supported from the theme cosmos and called from addCaseWorkFromActionMenu - it was not registered for BAC . In the later version this bac issue was fixed by registering the new activity NewCovered in pycaseactionparams.
You have not provided your Pega version but it might be important. See article Verifying requests when using custom controls (the older version documentation can be found here.)
Please follow the suggested steps in the documentation:
Troubleshoot and mitigate your broken access controls to resolve your application’s BAC issues.
Pega Platform™ protects access to information in your application by using role-based settings and access control policies. Pega Platform provides additional request verification when you use autogenerated controls. When your application supports access checking and includes non-autogenerated controls, you need to identify and fix the controls.
--> The checks in article Verifying requests when using custom controls should resolve this.
Also see Support Document Understanding HTTP status codes for troubleshooting common issues
If you have no further luck here on the forum I suggest that you log a support incident for this on the MSP. Please provide the INC id here so we can help track it.