Zowe Editor - An unknown error occured: undefined

[Martin-Zeithaml]

I am getting popular message for Editor: An unknown error occured: undefined

I have already checked couple items:

• ZSS (both 31 and 64, 31 bit is used)

extattr --list zoweRuntimeDirectory/components/zss/bin/zssServer          
APF authorized = NO                                                                              
Program controlled = YES                                                                         
Shared address space = YES                                                                       
Shared library = NO  

• curl -k -H "Accept: application/json" -H "X-CSRF-ZOSMF-HEADER: true" "https://zOSMF:port/zosmf/info"
  • Response OK
• ZIS READ ZWES.IS
  • Granted
• keytool -list -keystore safkeyring://ZOWEUSER/ZoweKeyringName -storetype JCERACFKS...
  • As recommended: ExtKeyUsage [1.3.6.1.5.5.7.3.2 1.3.6.1.5.5.7.3.1]
• Cookies expiration: Session
• Various users (including ACF2 NON-CNCL user), various browsers, same result.

Dev console

GET https://example.com:7554/zlux/ui/v1/user-info 401 (Unauthorized)
main.js:26 Http failure response for https://example.com:7554/zlux/ui/v1/user-info: 401 OK
logger.ts:322 2024-03-20 14:15:04.037 <ZWED:> user1 WARN (org.zowe.editor,:) Unsuccessful in loading user home directory: Http failure response for https://example.com:7554/zlux/ui/v1/user-info: 401 OK
GET https://example.com:7554/zlux/ui/v1/unixfile/contents/?responseType=raw 401 (Unauthorized)
main.js:26 Http failure response for https://example.com:7554/zlux/ui/v1/unixfile/contents/?responseType=raw: 401 OK
logger.ts:320 2024-03-20 14:15:04.212 <ZWED:> user1 CRITICAL (org.zowe.editor,:) Http failure response for https://example.com:7554/zlux/ui/v1/unixfile/contents/?responseType=raw: 401 OK

STC log

(o.a.h.i.c.DefaultManagedHttpClientConnection) http-outgoing-77: set socket timeout to 600000
(o.a.h.headers) http-outgoing-77 >> GET /unixfile/contents/?responseType=raw HTTP/1.1
(o.a.h.headers) http-outgoing-77 >> sec-ch-ua: "Chromium";v="122", "Not(A:Brand";v="24", "Google Chrome";v="122"
(o.a.h.headers) http-outgoing-77 >> accept: application/json, text/plain, */*
(o.a.h.headers) http-outgoing-77 >> sec-ch-ua-mobile: ?0
(o.a.h.headers) http-outgoing-77 >> user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
(o.a.h.headers) http-outgoing-77 >> sec-ch-ua-platform: "Windows"
(o.a.h.headers) http-outgoing-77 >> sec-fetch-site: same-origin
(o.a.h.headers) http-outgoing-77 >> sec-fetch-mode: cors
(o.a.h.headers) http-outgoing-77 >> sec-fetch-dest: empty
(o.a.h.headers) http-outgoing-77 >> referer: https://example.com:7554/zlux/ui/v1/ZLUX/plugins/org.zowe.zlux.bootstrap/web/) http-outgoing-77 >> accept-encoding: gzip, deflate, br, zstd
(o.a.h.headers) http-outgoing-77 >> accept-language: fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7
(o.a.h.headers) http-outgoing-77 >> cookie: connect.sid.undefined=s%3AkcHu7k2N0hrtyAIUMNTmY.UxD%F9EAHkWz52k7m%2F2B2DikftgDqJqI;apimlAuthenticationToken=WQiOiIwVmc0M4e4UROW5CCtFVYVykTRE...
(o.a.h.headers) http-outgoing-77 >> x-forwarded-host: example.com:7554,example.com:7554
(o.a.h.headers) http-outgoing-77 >> x-forwarded-proto: https,https
(o.a.h.headers) http-outgoing-77 >> x-forwarded-prefix: /zlux/ui/v1/zss/api/v1
(o.a.h.headers) http-outgoing-77 >> x-forwarded-port: 7554,7554
(o.a.h.headers) http-outgoing-77 >> x-forwarded-for: 10.20.30.40, 10.20.40.80
(o.a.h.headers) http-outgoing-77 >> Content-Length: 0
(o.a.h.headers) http-outgoing-77 >> Host: example.com:7557
(o.a.h.headers) http-outgoing-77 >> Connection: Keep-Alive
(o.a.http.wire) http-outgoing-77 >> "GET /unixfile/contents/?responseType=raw HTTP/1.1\r\n"
(o.a.http.wire) http-outgoing-77 >> "sec-ch-ua: "Chromium";v="122", "Not(A:Brand";v="24", "Google Chrome";v="122"\r\n"
(o.a.http.wire) http-outgoing-77 >> "accept: application/json, text/plain, */*\r\n"
(o.a.http.wire) http-outgoing-77 >> "sec-ch-ua-mobile: ?0\r\n"
(o.a.http.wire) http-outgoing-77 >> "user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36\r\n"
(o.a.http.wire) http-outgoing-77 >> "sec-ch-ua-platform: "Windows"\r\n"
(o.a.http.wire) http-outgoing-77 >> "sec-fetch-site: same-origin\r\n"
(o.a.http.wire) http-outgoing-77 >> "sec-fetch-mode: cors\r\n"
(o.a.http.wire) http-outgoing-77 >> "sec-fetch-dest: empty\r\n"
(o.a.http.wire) http-outgoing-77 >> "referer: https://example.com:7554/zlux/ui/v1/ZLUX/plugins/org.zowe.zlux.bootstrap/web/\r\n"
(o.a.http.wire) http-outgoing-77 >> "accept-encoding: gzip, deflate, br, zstd\r\n"
(o.a.http.wire) http-outgoing-77 >> "accept-language: fr-FR,fr;q=0.9,en-US;q=0.8,en;q=0.7\r\n"
(o.a.http.wire) http-outgoing-77 >> "cookie: connect.sid.undefined=s%3AkcHu7k2N0hrtyAIjwN6wh81UIMBNwTmY.UxUDp%2Fk9wEBAhHqkjWpzE5W2k7m%2FK6%2B2DikftgDqJqI;apimlAuthenticationToken=WQiOiIwVmc0MWUxTDdnVG40eW44UW5CVC0tRFVYVy..."
(o.a.http.wire) http-outgoing-77 >> "x-forwarded-host: example.com:7554,example.com:7554\r\n"
(o.a.http.wire) http-outgoing-77 >> "x-forwarded-proto: https,https\r\n"
(o.a.http.wire) http-outgoing-77 >> "x-forwarded-prefix: /zlux/ui/v1/zss/api/v1\r\n"
(o.a.http.wire) http-outgoing-77 >> "x-forwarded-port: 7554,7554\r\n"
(o.a.http.wire) http-outgoing-77 >> "x-forwarded-for: 10.20.30.40, 10.20.40.80\r\n"
(o.a.http.wire) http-outgoing-77 >> "Content-Length: 0\r\n"
(o.a.http.wire) http-outgoing-77 >> "Host: example.com:7557\r\n"
(o.a.http.wire) http-outgoing-77 >> "Connection: Keep-Alive\r\n"
(o.a.http.wire) http-outgoing-77 >> "\r\n"
(o.a.http.wire) http-outgoing-77 << "HTTP/1.1 401 Not Authorized"
(o.a.http.wire) http-outgoing-77 << "\r\n"
(o.a.http.wire) http-outgoing-77 << "Content-Type: text/plain"
(o.a.http.wire) http-outgoing-77 << "Server: jdmfws"
(o.a.http.wire) http-outgoing-77 << "\r\n"
(o.a.http.wire) http-outgoing-77 << "Content-Length: 14"
(o.a.http.wire) http-outgoing-77 << "\r\n"
(o.a.http.wire) http-outgoing-77 << "Connection: keep-alive"
(o.a.http.wire) http-outgoing-77 << "\r\n"
(o.a.http.wire) http-outgoing-77 << "Keep-Alive: max=1000"
(o.a.http.wire) http-outgoing-77 << "\r\n"
(o.a.http.wire) http-outgoing-77 << "\r\n"
(o.a.h.headers) http-outgoing-77 << HTTP/1.1 401 Not Authorized
(o.a.h.headers) http-outgoing-77 << Content-Type: text/plain
(o.a.h.headers) http-outgoing-77 << Server: jdmfws
(o.a.h.headers) http-outgoing-77 << Content-Length: 14
(o.a.h.headers) http-outgoing-77 << Connection: keep-alive
(o.a.h.headers) http-outgoing-77 << Keep-Alive: max=1000
(o.a.http.wire) http-outgoing-77 << "Not Authorized"
(o.a.h.i.c.DefaultManagedHttpClientConnection) http-outgoing-77: set socket timeout to 0
(o.a.h.i.c.DefaultManagedHttpClientConnection) http-outgoing-77: Close connection

Any advice is welcome.

[1000TurquoisePogs]

I think this is just a ZSS issue so I would like to move it there.
Are you running with gateway?
Then, SSO is used and auth requires ZSS can trust apiml tokens.
If you don't see ZWES1601I in the log then it doesnt and something is broken with that part.

[Martin-Zeithaml]

Yes, running with gateway and no ZWES1601I in the log.

[jordanfilteau1995]

Hello @Martin-Zeithaml

1. What ESM are you using, ACF2?
2. Are you filtering your file name here purposely or is it not being printed?

GET /unixfile/contents/?responseType=raw HTTP/1.1

It looks like you're trying to get the root directory? This API will return the root directory if you can read it, like:

{ "entries": [ { "name": "a", "path": "b", "directory": "c" "size": "d" "ccsid": "e" "createdAt": "f" "mode": g "owner": "h" "group": "i" }, ..., ...

The format for a request for a file should be:

GET /unixfile/contents/<absolute_path_to_a_file>?responseType=raw, like:

https://host:port/unixfile/contents/u/ibmuser/git/zowe-common-c/c/jcsi.c?responseType=b64

So, what's most likely happening is you're trying to get the files in the root (/), because the userInfo endpoint can't get your home directory. Do you have access to the root directory? If not, it would explain the error you're seeing from the API.

Could you try the following?

1. Enter an absolute path manually and hit enter in the top left corner.
2. Verify that you can get into your home directory.
3. Open a file from there.

Note: I'd look into the userInfo endpoint failure. It calls this service: getpwnam_r(). Do you have anything that could be preventing you from using it?

[Martin-Zeithaml]

Yes, this is ACF2 system.
The message GET /unixfile/contents/?responseType=raw HTTP/1.1 was not changed. There is no userID in this message.

Users, who can read root directory, are getting the same error.

There is debug option _zss_traceLevel=5, but there is no message from this check.

[1000TurquoisePogs]

There is a URL in message ZWES1600I
Go to it in your browser and see what it contains.
If ZSS cannot get to that URL, then it cannot get ZWES1601I
If you do not have ZWES1601I, you do not have SSO, which leads to the 401 you see.

[jordanfilteau1995]

@Martin-Zeithaml Did you try going to your home directory in the editor as a test to see if anything works? It would be very helpful for me to know if it's completely not working or if it's working in some cases.

[Martin-Zeithaml]

ZWES1600I URL is returning (formatted and changed):

{
  "keys": [
    {
      "kty": "RSA",
      "e": "AQAB",
      "use": "sig",
      "kid": "short sequence of chars",
      "alg": "RS256",
      "n": "very long sequence of chars"
    }
  ]
}

No ZWES1601I in the log.

Editor is not working for any path.

How can I check the zss ability to reach that URL?