My Oracle Support Banner

A Direct URL Report Using the getServerDateTime Function Shows 'OPENING' Message (Doc ID 1399973.1)

Last updated on AUGUST 05, 2016

Applies to:

Oracle SOA Platform – BAM (Business Activity Monitoring) - Version: and later   [Release: 11gR1 and later ]
Information in this document applies to any platform.


Defining a report with datatime surface prompt parameters 'From' and 'To' with the default value of SystemDateTime .

Using a 'Direct URL' to access a Report  form outside of the (standard) BAM Console (eg: Active Studio, Architect,  etc) that makes a call against the system the BAM server itself identifies this request as a potential Cross-site request forgery (CSRF) request and  does not return anything to the client browser as the BAM server regards the  request as not genuine.

In the log files following error appears:

[2011-08-24T11:26:22.021-04:00] [bam_server1] [WARNING] [] [oracle.bam.web.reportserver] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: weblogic] [ecid:
34c759ab1b5d70b0:-52787688:131fb3cda45:-8000-000000000000194f,0] [APP: oracle-bam#11.1.1] ReportServer: Possible CSRF detected. Details:oracle.bam.web.shared.utilities.Utilities:getServerDateTime:null:ReportServer: User:null Remote Address: Remote Remote Port:2308


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.