Failed Client authorization error message with Cloud Controller 19.2.1

  • KM03636675
  • 28-Apr-2020
  • 28-Apr-2020

Summary

When trying to connect Cloudscan 19.2.0 and higher client with the latest patched Cloud Controller 19.2.1.

Error

cloudCtrl.log
2020-04-28 16:47:43,585 [ERROR] [172.17.28.33 GET /cloud-ctrl/rest/ping] com.fortify.cloud.ctrl.spring.security.ClientAuthenticationFilter - Failed client authorization [some_ip_address] with fortify-client header

Cause

Authorization was added to Cloud Controller 19.2.1 patch which did not make it to the latest Cloudscan 19.2.0 documentaton
eg
https://www.microfocus.com/documentation/fortify-software-security-center/1920/CloudScan_Guide_19.2.0.pdf

Fix

On the authorized client making the connection to Cloud Controller 19.2.1,

1. create a file called eg SCA\Core\config\client.properties

2. In config.properties add the the following line

eg
client_auth_token=CHANGEME321!
 
where the password matches with "client_auth_token=" property set in the Cloud Controller's tomcat/webapps/cloud-ctrl/WEB-INF/classes/config.properties