We are using scheduled saved searches with email links in them as a monitoring tool. The problem is that the majority of users that receive these email get the following error when clicking on the link. "AuthorizationFailed: [HTTP 403] Client is not authorized to perform requested action; None". The user that created the saved search has the POWER role and the one user I am using for testing purposes has the POWER role as well. I have the ADMIN role and I have no difficulties opening the link and of course the creator has no problems opening the link either.
The splunk_web_access.log file shows the following:
2011-01-24 14:33:05,208 ERROR customlogmanager:22 - [24/Jan/2011:14:33:05] HTTP Traceback (most recent call last):
File "/usr/concur/splunk/lib/python2.6/site-packages/cherrypy/_cprequest.py", line 606, in respond
cherrypy.response.body = self.handler()
File "/usr/concur/splunk/lib/python2.6/site-packages/cherrypy/_cpdispatch.py", line 25, in call
return self.callable(*self.args, **self.kwargs)
File "/usr/concur/splunk/lib/python2.6/site-packages/splunk/appserver/mrsparkle/lib/routes.py", line 307, in default
return route.target(self, **kw)
File "", line 1, in
File "/usr/concur/splunk/lib/python2.6/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 28, in rundecs
return fn(*a, **kw)
File "", line 1, in
File "/usr/concur/splunk/lib/python2.6/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 76, in check
return fn(self, *a, **kw)
File "", line 1, in
File "/usr/concur/splunk/lib/python2.6/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 116, in check_login
return fn(self, *a, **kw)
File "", line 1, in
File "/usr/concur/splunk/lib/python2.6/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 137, in handle_exceptions
return fn(self, *a, **kw)
File "/usr/concur/splunk/lib/python2.6/site-packages/splunk/appserver/mrsparkle/controllers/view.py", line 1099, in render
templateArgs = self.buildViewTemplate(app, view_id, action, q, sid, s, earliest, latest, remote_server_list)
File "/usr/concur/splunk/lib/python2.6/site-packages/splunk/appserver/mrsparkle/controllers/view.py", line 827, in buildViewTemplate
appConfig = self.getAppConfig(app, view_id, build_nav)
File "/usr/concur/splunk/lib/python2.6/site-packages/splunk/appserver/mrsparkle/controllers/view.py", line 446, in getAppConfig
savedSearchObject = splunk.saved.getSavedSearchFromSID(cherrypy.request.params.get('sid'))
File "/usr/concur/splunk/lib/python2.6/site-packages/splunk/saved.py", line 207, in getSavedSearchFromSID
ss = getSavedSearch(job.label, namespace=namespace, owner=owner, sessionKey=sessionKey)
File "/usr/concur/splunk/lib/python2.6/site-packages/splunk/saved.py", line 95, in getSavedSearch
return entity.getEntity(SAVED_SEARCHES_ENDPOINT_ENTITY_PATH, label, namespace=namespace, owner=owner, sessionKey=sessionKey)
File "/usr/concur/splunk/lib/python2.6/site-packages/splunk/entity.py", line 205, in getEntity
serverResponse, serverContent = rest.simpleRequest(uri, getargs=kwargs, sessionKey=sessionKey, raiseAllErrors=True)
File "/usr/concur/splunk/lib/python2.6/site-packages/splunk/rest/init.py", line 387, in simpleRequest
raise splunk.AuthorizationFailed
AuthorizationFailed: [HTTP 403] Client is not authorized to perform requested action; None
Does anybody have an idea where I could start troubleshooting this?
Thanks in advance.
... View more