cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

403 Access denied - Content filter matched: Permission denied

Go to solution
Former Member

on ‎02-03-2010 7:13 PM

0 Kudos

Hello,

I'm trying to send an XML request through an .jsp

It seems that a script within the XML message is detected as forbidden content.When I remove it-it works.

Where do I disable content filter?

Here is the error:

403 Access denied

You do not have the permissions to access this resource

-

Error: -13

Version: 7011

Component: HTTP_FILTER

Date/Time: Wed Feb 03 13:57:21 2010

Module: http_auth.c

Line: 597

Server: xxxxxxxxxxxxxx

Error Tag:

Detail: Content filter matched: Permission denied

This is on NW 7.1

Edited by: German Ramirez on Feb 3, 2010 8:15 PM -nw version added

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎04-20-2010 7:31 AM
0 Kudos

Hello,

I am facing a similair problem.. Could you please explain how you solved it.

Thanks in advance,

John

Show replies
Show replies
Former Member
‎05-05-2010 10:22 AM
0 Kudos

Hello,

we have had the same problem and with the help of this forum entry we could solve this strange behaviour. In our case we wanted to use the "Test Message" tool within the Runtime Workbench (Component Monitoring -> Integration Engine). After pressing the "Send Message"-Button we got this error message.

You have to deactivate the Standard Authorization-Handler Content Filter within Transaction SMICM (Menu -> Goto -> HTTP-Plugin -> Authorization-Handler). After deactivation of this filter we could use the "Test Message" tool again.

Best Regards,

Lars

former_member6733
Explorer
‎03-14-2011 11:28 PM
0 Kudos

Did you solved the mentioned Problem? We are experiencing the same issue.

Thank you for your help.

mathias_essenpreis
Employee
Employee
‎05-04-2011 8:13 AM
0 Kudos

Just as information. This content filter is there to protect you against so called Cross side scripting attacks (XSS) that could compromise your system.

Before deactivating the filter I'd advise you to revisit the application that injects the script code in such a way and checke if this is really necessary.

If you deactivate this filter on app server level and if you don't have other countermeasures against XSS in your applications an attacker could use this to exploit your system.

SAP applications however, especially the ones based on Web Dynpro are protected against XSS by other measures than this filter.

But in any case you should know what to do if you deactive this filter on a productive system.

Former Member
‎10-12-2012 10:28 AM
0 Kudos

Hi Lars,

thanks for your message, I had this problem and I could solve it this way.

Mathias, this is the SAP test tool in PI RWB, it is a quite useful tool for testing interface configuration. Naturally, this use would be limited in productive systems.

Regards,

Jörg

Former Member
‎02-03-2016 1:06 PM
0 Kudos

Hello Mathias,

I am also getting this error. Dactivating authorization handler solved the problem as workaround. In fact it's not a solution. It causes security issues as you wrote.

However in my case the file that I am posting is on the same BSP page in the same domain. I wonder why it's blocked as XSS attack.  Additionally, I get this error for files larger than 5 MB.

Kind Regards,

Coşkun

Answers (2)

Answers (2)

nicola_blasi
Active Participant
‎02-06-2015 3:39 PM
0 Kudos

Very good solution.

The problem occurred after a kernel upgrade 721_ext unicode.

from patching  321 to 413 .

the error in smicm log was

"ERROR => Content filter matched: Permission denied"

I've deactivated the following entry in smicm

The previous had a green flag .

Thanks

Nickk

Show replies
Show replies
Former Member
‎02-03-2010 7:56 PM
0 Kudos

So let me re-phrase: Trying to send xml msg using JSP to PI.?

Where r u getting this error? Is the message hitting PI server?

For XML, did u create the DT in PI or imported the XSD as external def.?

-SM

Show replies
Show replies
Former Member
‎02-05-2010 5:50 PM
0 Kudos

Thank you,-I figured out that the content filter is controlled in ICM. it was removed there and now it works.

Ask a Question