Buy or Renew
Buy or Renew
Welcome to the new Cisco Community. LEARN MORE about the updates and what is coming.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
832
Views
0
Helpful
6
Replies

ANC Endpoint API gives a HTTP 404

Go to solution
Konrad Reszka
Cisco Employee
Cisco Employee

‎03-23-2018 01:39 PM

I'm trying to apply an ANC policy using the ERS API URI of "/ers/config/ancendpoint/apply" but ISE only returns an HTTP 404 error. Other ERS API calls work wonderfully so it's not header or authorization problem.

ISE is on 2.3

0 Helpful
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
hslai
Cisco Employee
Cisco Employee

‎03-30-2018 05:48 PM

This is due to CSRF validation. Please read the section on this in ISE 2.3 Release Notes, API Documentation from the ERS Online SDK.

View solution in original post

0 Helpful
6 REPLIES 6

Go to solution
hslai
Cisco Employee
Cisco Employee

‎03-23-2018 01:59 PM

Please turn DEBUG on ers and watch ise-psc.log, which should give you some clues what's missing.

If not, please post a complete request sample.

Below works for me:

curl -X PUT -k -H 'Content-Type:  application/json' -H 'Accept:  application/json' -i 'https://myAdminUser:myPassword@myISE:9060/ers/config/ancendpoint/apply' --data '{


"OperationAdditionalData" : {


    "additionalData" : [ 


    { "name" : "macAddress", "value" : "02:00:00:00:00:01" }, 


    { "name" : "policyName", "value" : "testANC-Q01"}


   ]


  }


}'
0 Helpful

Go to solution
Konrad Reszka
Cisco Employee
Cisco Employee
In response to hslai

‎03-26-2018 07:20 AM

Specifically, ISE is on version 2.3.0.298

It looks like the URI PATH is not being parsed, it's showing as null. Here's a snippet:

Working GET request:

cpm.ers.app.web.MaxThreadsLimiterFilter -::::- #### MaxThreadsFilter.doFilter --> getPathInfo=/ancendpoint/

cpm.ers.app.web.MaxThreadsLimiterFilter -::::- #### MaxThreadsFilter.doFilter --> getMethod=GET

cpm.ers.app.web.MaxThreadsLimiterFilter -::::- #### MaxThreadsFilter.doFilter --> getRequestURL=https://10.101.0.10:9060/ers/config/ancendpoint/

cpm.ers.app.web.MaxThreadsLimiterFilter -::::- #### MaxThreadsFilter.doFilter --> getRemoteHost=192.168.255.10

cpm.ers.app.web.MaxThreadsLimiterFilter -::::-  ## RateLimitFilter Servlet => Continue with the ERS Request, The current bucket count is: 49

cpm.ers.app.web.PICFilter -::::- #### PICFilter.doFilter --> getPathInfo=/ancendpoint/

cpm.ers.app.web.PICFilter -::::- #### PICFilter.doFilter --> getMethod=GET

cpm.ers.app.web.PICFilter -::::- #### PICFilter.doFilter --> getRequestURL=https://10.101.0.10:9060/ers/config/ancendpoint/

cpm.ers.app.web.PICFilter -::::- #### PICFilter.doFilter --> getRemoteHost=192.168.255.10

cpm.ers.app.web.PAPFilter -::::- #### PAPFilter.doFilter --> getPathInfo=/ancendpoint/

cpm.ers.app.web.PAPFilter -::::- #### PAPFilter.doFilter --> getMethod=GET

cpm.ers.app.web.PAPFilter -::::- #### PAPFilter.doFilter --> getRequestURL=https://10.101.0.10:9060/ers/config/ancendpoint/

cpm.ers.app.web.PAPFilter -::::- #### PAPFilter.doFilter --> getRemoteHost=192.168.255.10

cpm.ers.app.web.PAPFilter -::::- #### PAPFilter.doFilter --> passing the filter!

cpm.ers.app.web.AtnAtzFilter -::::- #### AtnAtzFilter.doFilter --> getPathInfo=/ancendpoint/

cpm.ers.app.web.AtnAtzFilter -::::- #### AtnAtzFilter.doFilter --> getMethod=GET

cpm.ers.app.web.AtnAtzFilter -::::- #### AtnAtzFilter.doFilter --> getRequestURL=https://10.101.0.10:9060/ers/config/ancendpoint/

cpm.ers.app.web.AtnAtzFilter -::::- #### AtnAtzFilter.doFilter --> getRemoteHost=192.168.255.10

Failing PUT request:

cpm.ers.app.impl.ERSConfigurationListener -::::- Registering ERS Configuration Listener

cpm.ers.app.web.MaxThreadsLimiterFilter -::::- #### MaxThreadsFilter.doFilter --> getPathInfo=null

cpm.ers.app.web.MaxThreadsLimiterFilter -::::- #### MaxThreadsFilter.doFilter --> getMethod=PUT

cpm.ers.app.web.MaxThreadsLimiterFilter -::::- #### MaxThreadsFilter.doFilter --> getRequestURL=https://10.101.0.10:9060/ers/custom_error_page.jsp

cpm.ers.app.web.MaxThreadsLimiterFilter -::::- #### MaxThreadsFilter.doFilter --> getRemoteHost=192.168.255.10

cpm.ers.app.web.MaxThreadsLimiterFilter -::::-  ## RateLimitFilter Servlet => Continue with the ERS Request, The current bucket count is: 49

cpm.ers.app.web.SponsorSessionAttributesFilter -::::- #### SponsorSessionAttributesFilter.doFilter --> getPathInfo=null

cpm.ers.app.web.SponsorSessionAttributesFilter -::::- #### SponsorSessionAttributesFilter.doFilter --> getMethod=PUT

cpm.ers.app.web.SponsorSessionAttributesFilter -::::- #### SponsorSessionAttributesFilter.doFilter --> getRequestURL=https://10.101.0.10:9060/ers/custom_error_page.jsp

cpm.ers.app.web.SponsorSessionAttributesFilter -::::- #### SponsorSessionAttributesFilter.doFilter --> getRemoteHost=192.168.255.10

cpm.ers.app.web.SponsorSessionAttributesFilter -::::- #### SponsorSessionAttributesFilter.doFilter, it is not a sponosr , it will not perform in SponsorSessionAttributeFilter !

cpm.ers.app.web.MaxThreadsLimiterFilter -::::-  ## RateLimitFilter Servlet => Continue with the ERS Response, The current bucket count is: 49

api.services.persistance.dao.DistributionDAO -::::- In DAO getRepository method for HostConfig Type: MNT

Postman screenshot of request with your test data

Screen Shot 2018-03-26 at 10.18.15 AM.png

0 Helpful