Paul Timms
2-14-24
Operating system: macOS
When connecting to the REST API using OAuth2, it usually works but sometimes it returns a HTTP/1.1 403 error.
I can see the connection attempt in timings.log:
[TreatTxQueue-msg_updating_http]   	-   	api/1/POVc   	0   	2024-02-14 16:05:08   	283   	0   	0
However, there is nothing in hansa.log referencing this connection at this time.
In web_sessions.log, I can see the following, where connections are being made from two systems/IP addresses:
2024-02-14 16:03:10 SYSTEM/THREAD(13) [26 185.53.57.nn:60694] starting to treat http message
2024-02-14 16:03:10 SYSTEM/THREAD(13) [26 185.53.57.nn:60694] finding session HSESSION =  res = not found
2024-02-14 16:03:10 SYSTEM/THREAD(13) [26 185.53.57.nn:60694] inserting session uuid = BDE85186-BAC33ECA-69636BDF-4B0C72A4-84286BC9
2024-02-14 16:03:10 SYSTEM/THREAD(13) [26 185.53.57.nn:60694] finished treating http message
2024-02-14 16:03:10 SYSTEM [26 185.53.57.nn:60694] starting to treat http message
2024-02-14 16:03:10 SYSTEM [26 185.53.57.nn:60694] finding session HSESSION =  res = not found
2024-02-14 16:03:10 SYSTEM [26 185.53.57.nn:60694] inserting session uuid = E5E97511-236C6715-4E236F2C-498323B0-A958F264
2024-02-14 16:03:10 SYSTEM [26 185.53.57.nn:60694] sending cookie HSESSION uuid = E5E97511-236C6715-4E236F2C-498323B0-A958F264
2024-02-14 16:03:10 SYSTEM [26 185.53.57.nn:60694] finished treating http message
2024-02-14 16:05:08 SYSTEM/THREAD(16) [42 81.149.230.nn:7668] starting to treat http message
2024-02-14 16:05:08 SYSTEM/THREAD(16) [42 81.149.230.nn:7668] finding session HSESSION =  res = not found
2024-02-14 16:05:08 SYSTEM/THREAD(16) [42 81.149.230.nn:7668] inserting session uuid = 280583D4-F4E1CFDE-F1BDAC84-0AFCD5DF-4646FBFF
2024-02-14 16:05:08 SYSTEM/THREAD(16) [42 81.149.230.nn:7668] finished treating http message
2024-02-14 16:05:08 SYSTEM [42 81.149.230.nn:7668] starting to treat http message
2024-02-14 16:05:08 SYSTEM [42 81.149.230.nn:7668] finding session HSESSION =  res = not found
2024-02-14 16:05:08 SYSTEM [42 81.149.230.nn:7668] inserting session uuid = 787B8DF9-63058FD9-4B04A4F6-9E0B9DCC-F53413E0
2024-02-14 16:05:08 SYSTEM [42 81.149.230.nn:7668] sending cookie HSESSION uuid = 787B8DF9-63058FD9-4B04A4F6-9E0B9DCC-F53413E0
2024-02-14 16:05:08 SYSTEM [42 81.149.230.nn:7668] finished treating http message
2024-02-14 16:05:24 SYSTEM [42 81.149.230.nn:7668] destroy session uuid = E5E97511-236C6715-4E236F2C-498323B0-A958F264
2024-02-14 16:07:24 SYSTEM [42 0.0.0.0] destroy session uuid = 787B8DF9-63058FD9-4B04A4F6-9E0B9DCC-F53413E0
Comparing this with a successful (i.e. HTTP/1.1 200) response, the above has additional lines, in particular "finding session HSESSION =  res = not found". What does this mean?
Is it also normal that the session beginning E5 was created for the IP beginning 185.53, but the destroy session line is linked to the IP beginning 81.149?
Are there any further methods which can be used to diagnose the cause of the 403 response?