When attempting to access Appian with a web server configured, users receive a 401 error like the one below:
The following error is seen in the application server log:
ERROR com.appiancorp.security.cors.CorsFilter - CORS request rejected; invalid request from <SOURCE_IP_ADDRESS> to <URL>javax.servlet.ServletException: CORS origin denied: <URL> is not on the allowed list: or the request path does not match the allowed paths.
Additionally, users who can login may be unable to load or open objects in /design.
There is a misconfiguration in custom.properties related to the site URL.
This article applies to all self-managed versions of Appian using a web server.
Last Reviewed: January 2022
© 2023 Appian. All rights reserved.