It's all about the answers!

Ask a question

'CRJZS0035E The OAuth signature is not valid' as error when using a reverse proxy

SEC Servizi (97123860) | asked Apr 09 '15, 6:04 a.m.
edited Apr 23 '15, 4:14 a.m.
We are on RTC v4.07 and running on the default Apache Tomcat and we got this error:
CRJZS0035E The OAuth signature is not valid. An application might be configured incorrectly or the consumer secret might be mismatched.
when using a reverse proxy to forward network traffic from clients to CLM application servers.
Our topology is similar to that is discussed in the article
Our reverse proxy listens on port 80 (HTTP) and 443 (HTTPS) and forwards the incoming traffic both to the application server port 9080 (HTTP).
We found the OAuth signature error above due to an incorrect URI construction by Jazz:
It seems the proxy URI param does not preserve the initial protocol used by client (i.e., HTTPS instead of HTTP).
Do we have to maintain the protocol matching when forwarding from reverse proxy to application sever?
Thanks in advance.

One answer

permanent link
Donald Nong (14.5k614) | answered Apr 10 '15, 3:33 a.m.
It's not a good idea to open both port 80 and 443 on the reverse proxy, as users can access CLM via the URL which is _not_ the public URI.

SEC Servizi commented Apr 10 '15, 5:23 a.m.

You're right, we fixed that.

Anyway, in this scenario it seems the initial protocol used by client is not preserve on some URI request.

Your answer

Register or to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.