Web Application Firewall (WAF) blocking Helical Insight

Hey,

We are using the open source BI tool Helical Insight, enterprise version 5.2.1. We have deployed Helical Insight for one of our client instances; however, the URL is being blocked.

The Helical application is currently blocked by a WAF (Web Application Firewall). The client team confirmed that they blocked the request due to a security issue: "The request payload contains the word ‘service,’ which is flagged as a system-level command. To fix this, try using the word ‘Service’ with a capital ‘S’ instead." Please find the screenshot.


Thank You,
Snow.

To fix this, try using the word ‘Service’ with a capital ‘S’ instead of a small ‘s’.

Please follow the steps below (back-end configuration):

  1. Download the jar file below and put it in the /WEB-INF/lib folder.

             https://repo1.maven.org/maven2/org/tuckey/urlrewritefilter/4.0.4/urlrewritefilter-4.0.4.jar

  2. Go to the folder /hi-repository/System/Admin/Static and edit the file DashboardGlobals.groovy

Change the small ‘s’ in the endpoints below to a capital ‘S’, as shown:

Line 21: “services”: “${baseUrl}Services.html”
Line 23: “services”: “${baseUrl}Services”,
Line 29: “services”: “${baseUrl}/Services”,
Line 66: “services”: “${baseUrl}/Services”

  3. Update the web.xml file: edit the /WEB-INF/web.xml file to configure the URL Rewrite Filter.

Add the following configuration after the validationFilter entry (after line number 141):

   <filter>
       <filter-name>UrlRewriteFilter</filter-name>
       <filter-class>org.tuckey.web.filters.urlrewrite.UrlRewriteFilter</filter-class>
       <init-param>
           <param-name>logLevel</param-name>
           <param-value>WARN</param-value>
       </init-param>
   </filter>
   <filter-mapping>
       <filter-name>UrlRewriteFilter</filter-name>
       <url-pattern>/*</url-pattern>
   </filter-mapping>

  4. Create the urlrewrite.xml file in \hi\apache-tomcat-9\webapps\hi-ee\WEB-INF and add the following content:
   <?xml version="1.0" encoding="utf-8"?>
   <!DOCTYPE urlrewrite PUBLIC "-//tuckey.org//DTD UrlRewrite 5.0//EN"
           "http://www.tuckey.org/res/dtds/urlrewrite5.0.dtd">

   <urlrewrite>
       <rule>
           <from>/Services</from>
           <to>/services</to>
       </rule>

       <rule>
           <from>/Services.html</from>
           <to>/services.html</to>
       </rule>

       <outbound-rule>
           <note>test</note>
           <from>/rewrite-status</from>
           <to>/test/status/</to>
       </outbound-rule>
   </urlrewrite>

  5. Restart the server once the above things are configured.

This setup ensures seamless URL rewriting and consistent endpoint handling in your Java web application.

Conclusion/output:
After restarting the app, we performed all kinds of operations on the HI app and did not find any issue after making those configs. Also, we are getting ‘S’ in Services wherever it is called throughout the application, and below are the service names where the ‘Services’ API is called/triggered.

Admin:
        diskSpace,
        systemInfo,
        tempFile,
        size,
        dump,
        cachedDS,
        log,
        drillConfig,
        getContents,
        management,
        listMetadataDump,
        scheduling,
        customWatcher,
RB:
        recycle
HI/USER:
        fetchInfo,
        retrieveSharedInfo,
DataSources:
        getContents,
        test,
        write,
        read,
        update,
        quickTest,
        delete,
Create Metadata:
        getContents,
        metadataWorkflow,
        fetchColumns,
        fetchJoins,
        retrieveViewLabels,
        saveView,
        security,
        update
EDIT MD:
        getContents
        getMetadataForEdit
        retrieveView,
        saveView,
        security,
        getSecurity
Create Report:
        get,
        getFunctions,
        getContents,
        fetchData,
        generateQuery,
        saveReport
EDIT Report:
        saveReport,
        getContents,
        getFunctions,
        fetchData
Dashboard Designer:
        getReport,
        fetchData,
        designer(save),
        fetch,
        getContents

Note: Please find the attached configuration files for reference.

3 attachments: web.xml, urlrewrite.xml, DashboardGlobals.groovy

Thank You,
Helical Insight Team.
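As an added consistency check (this is not part of the Helical Insight team's post or the project's files), the Python script below parses a constructed copy of the urlrewrite.xml rules from the steps above together with a constructed excerpt of the four changed DashboardGlobals.groovy lines, and verifies that every capitalised endpoint the front end now requests has an inbound rule mapping it back to the lowercase servlet path, that each rule changes only letter case (so no rule silently redirects somewhere else), and flags `<from>` patterns that are not anchored with `^`/`$`, because UrlRewriteFilter interprets `<from>` as a regular expression by default and an unanchored pattern can match more than the exact path. The function names, the regexes and the embedded sample contents are my assumptions, not project code.

```python
"""Check that a case-only UrlRewriteFilter map covers every ${baseUrl} endpoint (added example)."""
import re
import xml.etree.ElementTree as ET

# Constructed sample: the two inbound rules plus the outbound rule from the post's urlrewrite.xml.
URLREWRITE_XML = """<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE urlrewrite PUBLIC "-//tuckey.org//DTD UrlRewrite 5.0//EN"
        "http://www.tuckey.org/res/dtds/urlrewrite5.0.dtd">
<urlrewrite>
    <rule>
        <from>/Services</from>
        <to>/services</to>
    </rule>
    <rule>
        <from>/Services.html</from>
        <to>/services.html</to>
    </rule>
    <outbound-rule>
        <note>test</note>
        <from>/rewrite-status</from>
        <to>/test/status/</to>
    </outbound-rule>
</urlrewrite>
"""

# Constructed excerpt mirroring the four DashboardGlobals.groovy lines changed in step 2.
DASHBOARD_GLOBALS = """
"services": "${baseUrl}Services.html",
"services": "${baseUrl}Services",
"services": "${baseUrl}/Services",
"services": "${baseUrl}/Services"
"""

# Path built from ${baseUrl}, with or without a slash between them (assumed pattern).
ENDPOINT_RE = re.compile(r'\$\{baseUrl\}/?([A-Za-z0-9_./-]+)')
# A <from> regex that matches only the exact path looks like ^...$ (assumed convention).
ANCHORED_RE = re.compile(r'^\^.*\$$')


def load_inbound_rules(xml_text):
    """Return [(from, to), ...] for <rule> elements; <outbound-rule> entries are ignored."""
    root = ET.fromstring(xml_text)
    rules = []
    for rule in root.findall('rule'):
        src = rule.findtext('from', default='').strip()
        dst = rule.findtext('to', default='').strip()
        rules.append((src, dst))
    return rules


def find_endpoints(groovy_text):
    """Collect the paths the Groovy file builds from ${baseUrl}, normalised to a leading slash."""
    return sorted({'/' + m.group(1) for m in ENDPOINT_RE.finditer(groovy_text)})


def check_rewrite_map(xml_text, groovy_text):
    """Compare the inbound rules against the endpoints the front end calls.

    missing_rule  : endpoints with no inbound rule (the WAF-renamed URL would 404 on the servlet)
    not_case_only : rules whose from/to differ by more than letter case (unexpected redirect)
    unanchored    : <from> patterns that are regexes without ^ and $ (may match longer paths)
    """
    rules = load_inbound_rules(xml_text)
    endpoints = find_endpoints(groovy_text)
    from_paths = {src.strip('^$') for src, _ in rules}
    report = {
        'missing_rule': [p for p in endpoints if p not in from_paths],
        'not_case_only': [(s, d) for s, d in rules if s.lower() != d.lower()],
        'unanchored': [s for s, _ in rules if not ANCHORED_RE.match(s)],
    }
    report['ok'] = not report['missing_rule'] and not report['not_case_only']
    return report


if __name__ == '__main__':
    for key, value in check_rewrite_map(URLREWRITE_XML, DASHBOARD_GLOBALS).items():
        print(f'{key}: {value}')
```

Run it against the real files by reading them into the two string constants; `ok` is false as soon as the Groovy file gains a `${baseUrl}Services/...` variant with no matching rule, which is the case that would surface as a broken call only after the restart in step 5.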