We just upgraded from 11.5.3.2 to 11.6.1.0. We enabled the Legacy Navigate view ( /investigation/navigate ) but non of our analysts were able to use it. They received a blue error message:
Forbidden. You cannot access the requested page.
/var/netwitness/uax/logs/audit/audit.log shows:
2021-08-18 13:00:23,809 deviceVersion: "11.6.1.0" deviceService: "SA_SERVER" category: DATA_ACCESS operation: "HttpRequest" parameters: "{referrer=https://example.com/investigate/events, method=GET, X-Forwarded-For=1.2.3.4, 10.1.2.3, userAgent=Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Firefox/78.0, queryString=, uri=/investigation/navigate, remoteAddress=10.1.2.3}" outcome: "Failure" text: "org.springframework.security.access.AccessDeniedException: Access is denied" identity: "john" userRole: "Funky_Analysts"
It took some trial and error before we realized that the Legacy Navigate view now requires contexthub-server.query.read to be enabled in the role. This was not the case in 11.5 and is not mentioned in the 11.6.1.0 upgrade guide.
