Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Jul 12, 2021 2:18:44 AM
Jul 8, 2021 1:58:08 PM
The Service Repository logs report '403 Access was denied '
The logs can be found here:
C:\ProgramData\Qlik\Sense\Log\Repository\System
You will find 2 different types of 403 Access was denied errors in combination with /qrs/requestaccesstype:
/qrs/requestaccesstype License professional access 403 Access was denied for User: 'DOMAIN\administrator', with AccessID '3a5f6bbc-45f0-4203-b49f-92142a330228', SessionId: '708d4b57-ef6c-4f97-83b5-7374d4d406c9', SessionCount: '5', Hostname: '::ffff:172.16.16.102', OperationType: 'UsageDenied' a8b195ea-5958-4e01-ab74-31d45e14e413
and
/qrs/requestaccesstype Undefined 403 Access was denied for User: 'DOMAIN\administrator', SessionId: '54a77dc2-b9b8-439c-b8fb-93823f6a00a2', Hostname: '::ffff:172.16.16.102', Requested access types: '', OperationType: 'UsageDenied' e1c03b18-e6dd-4623-b3db-3390e7d0c827
Qlik Sense Enterprise on Windows April 2018 or higher
Reloads in Qlik Sense may generate calls against the Qlik Sense Proxy API. An example is the reload of the monitoring applications.
In Qlik Sense April 2018, the user executing those API calls (by default the Qlik Sense Service account) is now opening parallel active sessions.
This behavior has an impact on User Access Pass Allocation only and was introduced as a consequence of the introduction of analyzer users in the Qlik Sense April 2018 release.
Qlik Sense Service account: "You cannot access Qlik Sense because you have no access pass"
When making a QRS API call over QPS (like the Operations and License Monitor apps do out of the box), the request will undergo a license check (/qrs/requestaccesstype)
This was raised as Defect QB-2579, but is considered WAD (Working as designed)
Qlik Sense Service account: "You cannot access Qlik Sense because you have no access pass"
Hi,
Thanks for this description!
I would only like to have ERRORs in the log on which I should act upon.
Do you know any workaround to prevent the log from containing those errors?
The only other option I see is to create a copy of the sheet I use for monitoring purposes, and suppress the ERRORs I don't want to see. But I don't prefer that option..
Grt,
Suzanne
Hello @Suzanne_van_der_Tang
We recommend logging a support ticket regarding this with the reasoning you've provided me here. This would help our engineers investigate with RnD if the issue can be re-evaluated.
All the best,
Sonja
Hi @Sonja_Bauernfeind ,
Thanks for the reply! I have created a case for this (number 00022726).
Grt,
Suzanne
There is a workaround as well.
If you have an issue with this extra benign log entry, you can edit the REST connections to use certificates.
The process is elaborated in the rest connector documentation in the section for how to use certificates in rest connections.
https://help.qlik.com/en-US/connectors/Subsystems/REST_connector_help/Content/Connectors_REST/Create...
Hi @JanJorissen ,
Thanks for the reply. I've seen that workaround. Do you know if there are any disadvantages I will encounter when using REST/certificates instead of the current solution?
Grt,
Suzanne