It's all about the answers!

Ask a question
QuestionsTagsUsersBadges
Follow this question
Question details

×10,742
×7,313
×5,722
×1,217
×1,140

question asked: Jul 26 '21, 3:27 a.m.
question was seen: 2,346 times
last updated: Dec 08 '22, 7:17 a.m.

Related questions

FAQ - How this Forum works

DNG: OpenSocial-Gadget is not loaded. CRJAZ5037E

0
Ulrich Simon (152) | asked Jul 26 '21, 3:27 a.m.

I have created an OpenSocial-Gadget, copied it into  .\JazzTeamServer\server\liberty\servers\clm\dropins\war\extensions and added it to a WidgetCatalog.xml file. I referenced this file in the Advanced Properties of DNG and adapted server.xml to enable dropins. I did this on 2 installation of DNG 7.0.2.

In both installations, the new Gadget is shown in the selection view to add a widget to a dashboard and I can add the gadget to my Minidashboard. In one installation, the gadget is loaded and is working.
On the other installation, the gadget is not loaded but error CRJAZ5037E appears. There is no error message in the Browser Console. I am able to retrieve the Gadget-xml-File in a browser directly on the Jazz-Server. I cannot find any message in any log file.

Accepted answer

3
permanent link
Ian Barnard (1.8k613) | answered Jul 26 '21, 3:58 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER

ELM 7.0.2 iFix004, ELM 7.0.1 iFix009, CLM 6.0.6.1 iFix018, and CLM 6.0.6 iFix022 (and later) have increased level of security on OpenSocial widgets; see https://www.ibm.com/support/pages/node/6466981 for how to change settings on the server to allow the widgets to work.


Ulrich Simon selected this answer as the correct answer
Comments
Bartosz Chrabski commented Jul 26 '21, 4:02 a.m.

 Yes, that is true.

2 other answers

Most liked answers ↑|Newest answers|Oldest answers

2
permanent link
Bartosz Chrabski (3.3k12547) | answered Jul 26 '21, 3:36 a.m.
edited Jul 26 '21, 3:37 a.m.

 Ulrich,


Please go to rm/admin and selected Advanced Properties.

Search for com.ibm.team.repository.service.opensocial.gadgetprovider.OpenSocialGadgetProviderRestService

Next change value of External resources allowance list to *.

It will solve your problem.

Bartek

Comments
Ian Barnard commented Jul 26 '21, 3:59 a.m.
FORUM ADMINISTRATOR / FORUM MODERATOR / JAZZ DEVELOPER

The change in behaviour was made to decrease SSRF vulnerability, but using * will bypass this - you should use specific URLs.

Bartosz Chrabski commented Jul 26 '21, 4:02 a.m.

True 
0
permanent link
Manju Gowda (37110) | answered Dec 08 '22, 7:17 a.m.

instead of rm/admin, go to jts/admin. This is for 702

Your answer

Register or to post your answer.