Skip to main content
Announcements
Global Transformation Awards! Applications are now open. Submit Entry
cancel
Showing results for 
Search instead for 
Did you mean: 
mountaindude
Partner Ambassador
Partner Ambassador

400 Bad Request error sometimes after session timeout

This is a tricky one.

I have a QSEoW 2020-Nov-patch1 environment from which I am getting strange timeout errors.
A couple of different virtual proxies: Azure SSO via SAML, and standard Windows auth from the login page provided by Sense.

Session length is 30 minutes and an idle timeout will result in the user being sent to the login screen. All good.

Most times a click on the "Login" button will result in the username/password (for Windows login endpoint) or the Azure login (for Azure SSO) flow being shown.

Sometimes users get this though:

mountaindude_1-1611061761014.png

I've been unable to pinpoint what's causing it and cannot reproduce it.
Those 400 errors come in various shapes and forms (for example:  if a user is arriving with a URL that's not whitelisted in the virtual proxy settings that will give a 400 error), but I've never seen one with "Bad Request" twice like this.

Also, I can't find anything in the logs. Zero.

Usually these kind of errors result in proxy log entries, not this time though.
I've searched all logs from all services, no luck.
I might of course have missed something... Hopefully I've missed something.

So: The issue happens often enough to be an annoyance and it's definitely a loose end.
And loose ends aren't any good.

Any ideas, anyone?

-----------
Edit:

Some additional context. There is a Traefik 2.3 reverse proxy in front of the Qlik Sense server, meaning that traffic to Sense pass through Traefik. The root cause of the issue may be in Sense, in Traefik, in Azure - or any combination thereof.

BUT: Given that the 400 error obviously is served by Sense, I figure there should an error entry somewhere in some log. In the best of worlds it would give a hint to what's going on.

 

 

Please mark the post as a solution if it provided you with a solution to the topic at hand. Thanks!
Labels (1)
16 Replies
lucienorrin
Creator
Creator

Finally someone else with the same issue!

We have the exact same problem except we have an F5 load balancer in front of the hub. Been having it randomly for years. It's been a random issue since at least the early Month/Year versions.

I can't find anything in the logs either, but the error pages are definitely Qlik branded.

Sometimes we will also get the 'stop sign' 404 error. Though the 404 errors are less common since upgrading to Feb 2020 

mountaindude
Partner Ambassador
Partner Ambassador
Author

Interesting.

For what it's worth, I am also sometimes seeing this when connecting directly to the Qlike Sense Enterprise on Windows (Nov 2020, sp1) without any load balancer or reverse proxy in front of it.

I am pretty sure it's related to sessions timing out and that something then - sometimes - goes wrong when the user reconnects by refreshing the browser window.

Increasing the session timeout of course makes this less of a problem, but... not always a good option.

I've looked through the support site too, the best match so far is this article:
https://support.qlik.com/articles/000098524

That issue involves using iFrames and older Senses versions - both of which don't apply to my situation. 

Please mark the post as a solution if it provided you with a solution to the topic at hand. Thanks!
Damien_V
Support
Support

Hello @mountaindude 

This is a known defect (QB-2992) that Qlik R&D is currently investigating.

There is no ETA yet on when a fix will be released for it.

If the issue is solved please mark the answer with Accept as Solution.
mountaindude
Partner Ambassador
Partner Ambassador
Author

Thank you @Damien_V for confirming this is a bug - I've been pulling my hair (not much left to begin with..) on this one!

Ok, I'll put this one on hold for now, hoping for a solution up ahead.

Bte, do you know of any workarounds?
We've increased the session timeout value and that of course does the trick, but it also comes with obvious drawbacks.

Please mark the post as a solution if it provided you with a solution to the topic at hand. Thanks!
Damien_V
Support
Support

Hello @mountaindude 

You've already tried

<add key="InvalidSessionRequestBurstLimit" value="00:00:00"/> <!-- Minimum value is 0, maximum value is 365 days -->

From the article you've found, right ?
If that is the case and you're still seeing the issue, then you're probably encountering one of the corner cases where the workaround doesn't work.

If the issue is solved please mark the answer with Accept as Solution.
lucienorrin
Creator
Creator

Hi @Damien_V 

We just upgraded to Feb 2021 and still have this exact 'bad request' issue. 

Did the fix for Bug QB-1116 get implemented for June 2020 and higher?

Damien_V
Support
Support

Hello @lucienorrin 

Just to clarify, you're getting an error 400 after the session timing out or after logging out ?
As Error 400 is a generic error, it could also happen for many different reasons.

If the issue is solved please mark the answer with Accept as Solution.
lucienorrin
Creator
Creator

@Damien_V 

Timing out.

After a timeout, we see the ‘You have been logged out… Your session has expired…’ screen.

Then when clicking log in, we get the "Bad Request Bad Request" exactly like the screenshot in the op.

mountaindude
Partner Ambassador
Partner Ambassador
Author

I also see this happening on QSEoW Feb 2021, on several different Sense clusters using various authentication solutions. So the issue is still there. Have not tested May 2021 yet.

 

Please mark the post as a solution if it provided you with a solution to the topic at hand. Thanks!