Seeing an APM CE (CEM) User Interface error message such as "HTTP 403" or "Forbidden."

Document ID : KB000030176
Last Modified Date : 14/02/2018
Show Technical Document Details


When a CEM User is not associated with a CEM User Group, the CEM UI login fails with a "HTTP 403" or "Forbidden" message.



An APM CE (CEM) User must be associated with one or more CEM User Group in the users.xml file.


These are the default CA CEM security user groups:

? Admin—has both Introscope and CA CEM access, and is given both Introscope Admin as well as CEM System Administrator privileges.

? CEM System Administrator—manages all CA CEM system functions.

? CEM Configuration Administrator—manages general CA CEM configuration.

? CEM Analyst—has access to CA CEM reports and views only.

? CEM Incident Analyst—has access to CA CEM reports and views, including HTTP information on defects. 


 Example: For the "CEM Test" user to have CEM System Administrator privileges, modify the "users.xml" with the syntax shown for encrypted passwords


<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

<principals xmlns:xsi="" plainTextPasswords="false" version="0.3" xsi:noNamespaceSchemaLocation="users0.3.xsd">


<user password="adb831a7fdd83dd1e2a39ce7591dff8" name="CEM Test"/>



<group description="CEM System Administrator Group" name="CEM System Administrator">

<user name="CEM Test"/>





Save the file and then restart Enterprise Manager.