Problem
Attempting to log in to the Surveillance UI in Enterprise Vault Surveillance on-premises (also known as Compliance Accelerator (CA)) fails and lists the HTTP error listed below. Additional errors may also be listed in the Event Logs, as below.
Error Message
Error on the Surveillance login page:
HTTP Error 404.7 - Not Found
The request filtering module is configured to deny the file extension.
Most likely causes:
- Request filtering is configured for the Web server and the file extension for this request is explicitly denied.
Things you can try:
- Verify the configuration/system.webServer/security/requestFiltering/fileExtensions settings in applicationhost.config and web.config.
Detailed Error Information:
Module RequestFilteringModule
Notification BeginRequest
Handler aspNetCore
Error Code 0x00000000
Requested URL https://<CA Server URL>:81/
Physical Path C:\Program Files (x86)\Enterprise Vault Business Accelerator\SupervisionWeb
Logon Method Not yet determined
Logon User Not yet determined
More Information:
This is a security feature. Do not change this feature unless the scope of the change is fully understood. If the file extension for the request should be allowed, remove the denied file extension from configuration/system.webServer/security/requestFiltering/fileExtensions.
Application Event Logs entries:
Log Name: Application
Source: .NET Runtime
Event ID: 1000
Task Category: None
Level: Error
Keywords: Classic
Description:
Category: Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware
EventId: 1
SpanId: 720e3a0a6e6dab11
TraceId: acf83c4c6d156445d20a64f156874427
ParentId: 0000000000000000
RequestId: 80000036-0002-ff00-b63f-84710c7967bb
RequestPath: /api/authentication/login
An unhandled exception has occurred while executing the request.
Exception:
System.UnauthorizedAccessException: User is unauthorized.
at csc_app.Controllers.AuthenticationController.Login(AuthenticationLoginRequest userdata)
at lambda_method30(Closure, Object)
at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.AwaitableObjectResultExecutor.Execute(ActionContext actionContext, IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Awaited|12_0(ControllerActionInvoker invoker, ValueTask`1 actionResultValueTask)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeInnerFilterAsync>g__Awaited|13_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextResourceFilter>g__Awaited|25_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResourceExecutedContextSealed context)
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeFilterPipelineAsync>g__Awaited|20_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker)
at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker)
at Microsoft.AspNetCore.Routing.EndpointMiddleware.<Invoke>g__AwaitRequestTask|7_0(Endpoint endpoint, Task requestTask, ILogger logger)
at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
at csc_app.SecurityHeaders.SecurityHeadersMiddleware.Invoke(HttpContext context)
at csc_app.Startup.<>c.<<Configure>b__5_1>d.MoveNext()
--- End of stack trace from previous location ---
at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddlewareImpl.<Invoke>g__Awaited|10_0(ExceptionHandlerMiddlewareImpl middleware, HttpContext context, Task task)
V-437-1000
Log Name: Application
Source: .NET Runtime
Event ID: 1000
Task Category: None
Level: Error
Keywords: Classic
Description:
Category: csc_app.Controllers.AuthenticationController
EventId: 0
SpanId: 720e3a0a6e6dab11
TraceId: acf83c4c6d156445d20a64f156874427
ParentId: 0000000000000000
RequestId: 80000036-0002-ff00-b63f-84710c7967bb
RequestPath: /api/authentication/login
ActionId: e1cafdec-116d-42fe-bf10-b7a18e1b2c27
ActionName: csc_app.Controllers.AuthenticationController.Login (csc-app)
Failed to authenticate.
Exception:
System.Exception: Internal Server Error
at csc_app.Helpers.CryptoHandler.EncryptData(String value, Int32 tenantId, Int32 customerId, Byte[] iv)
at csc_app.Helpers.CookieEncryptor.StoreEncryptedContentAsCookie[T](HttpContext httpContext, T content, String cookieName)
at csc_app.AuthHandler.AuthenticationHandlerBase.CreateSupervisionResponse(OAuthResponse response, String userNameOrToken, Boolean isFromRefresh, AuthenticationToken authenticationToken, HttpContext httpContext, String typeOfLogin, Boolean calledForDefaultCustomer)
at csc_app.AuthHandler.AuthenticationHandlerBase.CreateSupervisionResponse(OAuthResponse response, String userNameOrToken, Boolean isFromRefresh, AuthenticationToken authenticationToken, Boolean calledForDefaultCustomer)
at csc_app.AuthHandler.WindowsAuthenticationHandler.CreateSupervisionResponse(OAuthResponse response, String userNameOrToken, Boolean isFromRefresh, AuthenticationToken authenticationToken, Boolean calledForDefaultCustomer)
at csc_app.AuthHandler.AuthenticationHandlerBase.HandleLoginAuthResponse(AuthenticationLoginRequest userdata, OAuthResponse response, Int64 atsvcLoginElapsedMs)
at csc_app.AuthHandler.AuthenticationHandlerBase.Login(AuthenticationLoginRequest userdata)
at csc_app.Controllers.AuthenticationController.Login(AuthenticationLoginRequest userdata)
V-437-1000
Log Name: Application
Source: .NET Runtime
Event ID: 1000
Task Category: None
Level: Error
Keywords: Classic
Description:
Category: csc_app.Helpers.CryptoHandler
EventId: 0
SpanId: 720e3a0a6e6dab11
TraceId: acf83c4c6d156445d20a64f156874427
ParentId: 0000000000000000
RequestId: 80000036-0002-ff00-b63f-84710c7967bb
RequestPath: /api/authentication/login
ActionId: e1cafdec-116d-42fe-bf10-b7a18e1b2c27
ActionName: csc_app.Controllers.AuthenticationController.Login (csc-app)
Internal Server Error
Exception:
System.ArgumentNullException: Value cannot be null. (Parameter 'key')
at System.Security.Cryptography.AesGcm..ctor(Byte[] key)
at Veritas.Supervision.Common.Security.AuthenticatedCrypto.EncryptToBytes(String plainText, Byte[] key, Byte[] nonce)
at Veritas.Supervision.Common.Security.Crypto.Encrypt(String plainText, Byte[] key, Byte[] iv)
at csc_app.Helpers.CryptoHandler.EncryptData(String value, Int32 tenantId, Int32 customerId, Byte[] iv)
V-437-1000
401 (Unauthorised) and 404.7 (Not Found) entries in the various IIS logs (%SystemDrive%\inetpub\logs\LogFiles):
<Date Time> <CA Server IP Address> GET /api/roles - 81 - <CA Server IP Address> Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/136.0.0.0+Safari/537.36 - 401 0 0 344
<Date Time> <CA Server IP Address> GET /api/users/preferences - 81 - <CA Server IP Address> Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/136.0.0.0+Safari/537.36 - 401 0 0 344
<Date Time> <CA Server IP Address> POST /api/configurations/settings - 81 - <CA Server IP Address> Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/136.0.0.0+Safari/537.36 - 401 0 0 342
<Date Time> <CA Server IP Address> GET /api/users/current - 81 - <CA Server IP Address> Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/136.0.0.0+Safari/537.36 - 401 0 0 92
<Date Time> <CA Server IP Address> GET /api/review/markingStatuses - 81 - <CA Server IP Address> Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/136.0.0.0+Safari/537.36 - 401 0 0 343
<Date Time> <CA Server IP Address> GET /index.html - 81 - <CA Server IP Address> Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/136.0.0.0+Safari/537.36 - 404 7 0 4406
<Date Time> <CA Server IP Address> GET /ngsw.json ngsw-cache-bust=0.543039491956813 81 - <CA Server IP Address> Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/136.0.0.0+Safari/537.36 - 404 7 0 0
<Date Time> <CA Server IP Address> GET /favicon.ico - 81 - <CA Server IP Address> Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/136.0.0.0+Safari/537.36 - 404 7 0 1
<Date Time> <CA Server IP Address> GET /ngsw.json ngsw-cache-bust=0.34056193384727973 81 - <CA Server IP Address> Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/136.0.0.0+Safari/537.36 - 404 7 0 1
<Date Time> <CA Server IP Address> GET /index.html - 81 - <CA Server IP Address> Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/136.0.0.0+Safari/537.36 - 404 7 0 3
<Date Time> <CA Server IP Address> GET /ngsw.json ngsw-cache-bust=0.7301793000008597 81 - <CA Server IP Address> Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/136.0.0.0+Safari/537.36 - 404 7 0 1
<Date Time> <CA Server IP Address> GET /favicon.ico - 81 - <CA Server IP Address> Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/136.0.0.0+Safari/537.36 - 404 7 0 1
<Date Time> <CA Server IP Address> GET /ngsw.json ngsw-cache-bust=0.22363336707463644 81 - <CA Server IP Address> Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/136.0.0.0+Safari/537.36 - 404 7 0 1
<Date Time> <CA Server IP Address> GET / - 81 - <CA Server IP Address> Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/136.0.0.0+Safari/537.36 - 404 7 0 0
<Date Time> 1<CA Server IP Address> GET / - 81 - <CA Server IP Address> Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/136.0.0.0+Safari/537.36 - 404 7 0 0
<Date Time> <CA Server IP Address> GET /favicon.ico - 81 - <CA Server IP Address> Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/136.0.0.0+Safari/537.36 https://ca.evrpslab.com:81/ 404 7 0 0
<Date Time> <CA Server IP Address> GET /api/learning-enabled-departments/customer/1 - 449 - <EV Server IP Address> - - 401 2 5 3627
<Date Time> <CA Server IP Address> GET /api/learning-enabled-departments/customer/1 - 449 <Vault Service Account login> <CA Server IP Address> - - 403 0 0 4354
<Date Time> <CA Server IP Address> GET /api/learning-enabled-departments/customer/1 - 449 - <EV Server IP Address> - - 404 7 0 688
<Date Time> <CA Server IP Address> ::1 POST /api/authentication/login - 81 - ::1 Mozilla/5.0+(Windows+NT+10.0;Win64;+x64)+AppleWebKit/537.36(KHTML,+like+Gecko)+Chrome/135.0.0.0+Safari/537.36+Edg/135.0.0.0 - 401 0 0 4681
Cause
The unlisted file extensions option in the applicationHost.config file was edited to not allow unlisted file extensions. For example:
<requestFiltering>
<fileExtensions allowUnlisted="false" applyToWebDAV="true">
Solution
1. Edit the applicationHost.config file under %windir%\system32\inetsrv\config\ to revert the unlisted file extensions option to its default value and save the file:
<requestFiltering>
<fileExtensions allowUnlisted="true" applyToWebDAV="true">
2. Restart the IIS Admin Service in the Services MMC.
3. Re-try the Surveillance login.