Problem

Empty crowd.token_key cookie in response header and failed authentication.

Solution

This problem most likely occurs when ihtsdo-tools application has been authorized but user may not be part of crowd directory or group which has access to ihtsdo-tools application. To resolve this error user should be assigned to group or a directory which has access to an ihtsdo-tools application.

Problem

Error "Client with address '127.0.0.1' is forbidden from making requests to application 'ihtsdo-tools'" while attempting authentication from any IHTSDO tools application.

Solution

This problem is due to nginx - crowd's tomcat topology. To resolve this ithtsdo-tools application settings inside Crowd must  have following allowable remote addresses beside other known remote ips.

  • localhost
  • 127.0.0.1
  • <machine-name>.local

Also Crowd support CIDR so if required allowable remote address should be configured accordingly.

Problem

How to enable logging in crowd

Solution

To trouble shoots any authorization error which may not be obvious in general debugging, Crowd debug log can be enabled from logging/profiling options

https://dev-crowd.ihtsdotools.org/crowd/console/secure/admin/loggingProfiling.action . Logs are stored in {crowd installation directory}/apache-tomcat/logs

Error rendering macro 'contentbylabel'

parameters should not be empty