RTCz v2.0.0.2 iFix-1 unable to upload license file

Installed RTCz v2.0.0.1 then upgraded to v2.0.0.2 iFix-1 before configuration. Then configured and Jazz team server start up has done with no problem. Connected to Jazz server via https://ourserver:9443/jazz/admin and login with ADMIN was successful.

When trying to upload license file on license key management panel, we got :

The user has the roles required to perform this operation, but the permission
has been denied because this request might have been forged by a malicous website. To prove that this request is not part of a CSRF attack add a new HTTP header with the name 'X-Jazz-CSRF-Prevent' and use the current JSESSIONID value as the value.

No services error found, and database is configured properly.

What's wrong ?

What is the authentication mechanism in use? Do you have any real users created with JazzAdmins permission? (that is, a user other than ADMIN/ADMIN) Can you try with a user other than ADMIN/ADMIN?

Thanks
Bruce

I run Apache Tomcat and am using Tomcat users authentication.

When I connect to Jazz server at /jazz/admin via ADMIN/ADMIN, going to custom setup, I can reach Step 5 with no problem.

At Step 5 (Setup user registry), select Tomcat User Database, specify new user account information, uncheck disable default ADMIN access, check RTCz developer, then click next button.

Then got :

An error occurred while saving the configuration properties.
Your account does not belong to the groups that are authorized to access the Web UI. Please contact your server administrator.

Because of above, I cannot add new user(s) other than ADMIN so far.

Thanks.

I run Apache Tomcat and am using Tomcat users authentication.

When I connect to Jazz server at /jazz/admin via ADMIN/ADMIN, going to custom setup, I can reach Step 5 with no problem.

At Step 5 (Setup user registry), select Tomcat User Database, specify new user account information, uncheck disable default ADMIN access, check RTCz developer, then click next button.

Then got :

An error occurred while saving the configuration properties.
Your account does not belong to the groups that are authorized to access the Web UI. Please contact your server administrator.

Because of above, I cannot add new user(s) other than ADMIN so far.

Thanks.

Rather than adding the new user via "setup", can you go log in to /admin with ADMIN/ADMIN and go to User Management and create a new user? Make sure you give the new user JazzAdmins permission and a developer license.

Thanks
Bruce

I tried to add the new user via /admin with ADMIN/ADMIN on User Management.

clicked Create User button, but I can input User ID field only. The other fields are grayed out. At the right bottom corner, the following gray colored message can be seen :

Warning: The server has reached the maximum user limit. You will not be able to increase the number of users that are assigned a Client Access License type that is counted in the server user limit.

checked rtcz-license-profile.ini and it shows :

url=file:/usr/lpp/jazz/v2.0/server/license-update-site
feature=com.ibm.team.rtcz.server.license.standard-trial.feature

Status Summary shows server license status is "trial". It sounds no problem, since I cannot upload license file.

Thanks.

Still I have this problem..

If anyone who had working RTCz 2.0.2 iFix-1 Jazz team server on z/OS, I'd like to check my configuration files.

Please advise.

Pursuing Bruce's suggestion is still worthwhile...i.e creating a userid with jazzadmin authority that is not ADMIN/ADMIN. I have two other possible things to try.

Firstly try creating the userid through the web ui using a different browser. I half remember seeing this happen using one browser at a particular level but it being ok with a different browser.....can't remember the browser specifics.

Secondly, you can try creating it through the Eclipse client. Once you have a connection to the server (using ADMIN/ADMIN), right mouse click on it and select new==>user.

Your 2nd suggestion really worked ! Thank you.
Now I can add user with JazzAdmin authority using Eclipse client. After adding user, I logged on to Jazz server with added admin user.
When I tried to upload license file, got the same error message like :

The user has the roles required to perform this operation, but the permission
has been denied because this request might have been forged by a malicous website. To prove that this request is not part of a CSRF attack add a new HTTP header with the name 'X-Jazz-CSRF-Prevent' and use the current JSESSIONID value as the value.

I tried this with several web browsers, but got the same result. I'd like to know how to bypass CSRF error above.

Your 2nd suggestion really worked ! Thank you.
Now I can add user with JazzAdmin authority using Eclipse client. After adding user, I logged on to Jazz server with added admin user.
When I tried to upload license file, got the same error message like :

The user has the roles required to perform this operation, but the permission
has been denied because this request might have been forged by a malicous website. To prove that this request is not part of a CSRF attack add a new HTTP header with the name 'X-Jazz-CSRF-Prevent' and use the current JSESSIONID value as the value.

I tried this with several web browsers, but got the same result. I'd like to know how to bypass CSRF error above.

Can you be specific about the browsers you're trying? Have you tried clearing the browser cache and only logging in with the new ADMIN user?

Would you like to know how to work around as described in adding the HTTP header?

I tried with Firefox 3.5.10 and Safari 5 on Win XP Pro. Indeed I cleared web
browser cache and logged on with newly created admin user.

As to workaround, I will have to study how to do it.

I've got the same error but with RQM 2.0.1 ifix02 on WAS(https://jazz.net/jazz02/web/projects/Rational%20Quality%20Manager#action=com.ibm.team.workitem.viewWorkItem&id=35172&tab=35172) . @greenbru, how do you work around this?
Thanks