I was trying to move a phone from one DP to another and when I move the phone and went to save the changes it gave me this error below and I wanted to know what would cause this and how would I go about fixing this problem.
The attempted action was a violation of security protocols and will not be allowed. This may be caused by having multiple concurrent windows open or using browser buttons (back, refresh, etc). Please retry the operation
Solved! Go to Solution.
I received this error when trying to make a change, shut the browser down completely (closed all tabs, sessions, etc)
logged back in - attempted the change again - same error -
Can we only have 1 administrator in at a time now? That seems like a big step backwards:
Any resolution to this?
Just upgraded to CCM 10.5. I was able to add a location, but now I cant modify or delete w/o getting this error. I cleared cache/cookies, used a diff browser, I am the only one logged in, etc.
Can't get past it.
Can you try hitting save after seeing this error? This should still let you save the changes. Is your browser supported, I remember seeing this error but happened only when I opened another tab while modifying any records, and if I remember correctly after doing save after this error it did let me save. I dont have the console in front of me to test it at the moment but you can try saving after the error.
Ref: (although this for ver 10)
If you receive the following error message upon saving a configuration, entered changes are not lost. Click Save again after seeing the error message.
Security Error : The attempted action was a violation of security protocols and will not be allowed. This may be caused by having multiple concurrent windows open or using browser buttons (back, refresh, etc). Please retry the operation
Please rate all helpful posts
Once I get that message though, I no longer have any options other than hitting "Go" to go back to the list of my Locations. There is no Save button. :(
I don't have multiple tabs open in my browser. I tried IE, Firefox, Chrome, non domain machines, rebooted the PUB, and no such luck. Same darn message.
Strange. Can you confirm if you are making the changes from Pub server (I am sure you must be but to double check)?
Although this appears more of a browser issue to me but can you post the output of below from CLI of the pub
show network cluster
utils dbreplication runtimestate
It may be completely off the track but just wanted to confirm you have no other problems.
[+5] to Terry for troubleshooting tips.
I can see one bug not exactly related to the error message[multiple browsers] posted 7 months bug but has been fixed in latest 10.5.1 version.
have u upgraded to the same version as mentioned in Fixed releases.
|Known Affected Releases:|
|Known Fixed Releases:|
Thx for all the replies. I just upgraded to 10.5.2.10000-5.
Upon further hair pulling, this issue is related to a particular site within my cluster. For that site, I cant change the Device Pool, Region, Location, etc.
I can make changes to everything else outside of this particular site.
I removed any devices associated to that DP, still no luck.
I restored from a backup I had made right after my upgrade, no luck.
dbrep runtimestate shows all status 2's.
show net cluster shows all authenticated.
TAC case is opened.
It's got to be a bug. I went to change the name of the Location and it worked.
The original name was Campus-DoveValley
These names work:
These names don't:
I cant make any sense from it. It works when it likes the name. Now I have to cope with a naming convention that isnt consistent. Going to need counseling. ;)
I will update this when TAC takes a look at it.
we would wait for TAC to reply.
this is what I could find.
This is definately a bug. I get the same error when trying to change the route partition of a line on a device.
My workaround i found to bypass this is as follows:
Instead of selecting save, select apply config first, it will then give you the option to save and then the update happens as suppose to.
That's good info. I had this exact issue just now and I definitely didn't have "eval" listed anywhere within this phone entry. My fix was to restart the Cisco Tomcat service within the CLI, but I'll give your solution a try too if it occurs next time.
From TAC. Note: I am seeing this error in CUCM 10.5.2.10000-5.
I dont see any of the "keywords" below in my names that generated the error. I am not going to pursue this any longer. I'll just keep my current labels as they are.
This seems to be working as designed in CUCM ver 10.5.2. As far now, this have not been accepted as the bug.
These are the list of keywords which when used in the description field of a device tend to give this error:
What a wonderfull forum !!! Saved us a week with TAC.
Recently migrated from CUCM 8.0.3 to 10.5.2.
Had the security violation message when saving changes to a DN on a vg204.
Turns out we had the keyword "eval" somewhere in the description of the line and in some other fields like alerting name.
Removing this keyword solved our problem.
What a weird bug.
So, this is a stretch, but if there are reserved words that can't be used then I suspect one that was missed was "eval", which is a function name in just about every language written. SQL, js, java, php, etc.
The one's that don't work all have dovEVALley. It seems comical that it would translate that to an actual eval statement, since everything should be passed as a string, but that is the only thing that jumps out at me.
djdeel, your "stretch" was right. You can't name anything with the characters "eval". Very good! I went back and tested and anything with that sequence of characters is rejected. It is rejected for Locations, DP's, Regions and MTP's.
Thanks for the update..looks like time for another BUG ID...or its some sort of database lock..
Matt - Can you please let us know what's the outcome of the TAC case?
Had this come up and and found the defect ID in case someone hits this again. CSCut08386 - Keyword 'eval' is not allowed as a substring. The fix allows "eval" as a substring, but not as the primary string. So, "testeval" would be fine, but simply "eval" would not.
Just adding a note to this thread...
Ran into this at a client site today, they had added some new users to AD and the users had the word "Evaluations" in their job title. When you went to update the end user settings in Call Manager you got the Access Denied error on a plain white web page. We removed that word from the users title in AD and resynced LDAP on Call Manager and then that word went away from the Title field and the end user updates saved fine.
This is not acceptable I need to have more than one tab open at one time. Cisco needs to change this. It is already a horrible product don't make it worse.
It has been this way for a long time now and is required to be certified for the more security minded verticals, eg: banks, government, investing houses, etc.