A Direct URL Report Using the getServerDateTime Function Shows 'OPENING' Message (Doc ID 1399973.1)

Last updated on AUGUST 05, 2016

Applies to:

Oracle SOA Platform – BAM (Business Activity Monitoring) - Version: 11.1.1.5.0 and later   [Release: 11gR1 and later ]
Information in this document applies to any platform.

Symptoms

Defining a report with datatime surface prompt parameters 'From' and 'To' with the default value of SystemDateTime .

Using a 'Direct URL' to access a Report  form outside of the (standard) BAM Console (eg: Active Studio, Architect,  etc) that makes a call against the system the BAM server itself identifies this request as a potential Cross-site request forgery (CSRF) request and  does not return anything to the client browser as the BAM server regards the  request as not genuine.

In the log files following error appears:

[2011-08-24T11:26:22.021-04:00] [bam_server1] [WARNING] [] [oracle.bam.web.reportserver] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: weblogic] [ecid:
34c759ab1b5d70b0:-52787688:131fb3cda45:-8000-000000000000194f,0] [APP: oracle-bam#11.1.1] ReportServer: Possible CSRF detected. Details:oracle.bam.web.shared.utilities.Utilities:getServerDateTime:null:ReportServer: User:null Remote Address:10.171.114.24 Remote Host:dhcp-oracletower-10-171-114-24.ro.oracle.com Remote Port:2308

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms