no permission to perform operation

Product:
Planning Analytics 2.0.5
Cognos Analytics 11.0.13
Microsoft Windows 2016 server

Problem:
Inside the CA11 Cognos Connection portal you have a workspace widget that links to a TM1 Application Web (contributor app) page on a secure TM1WEB server (HTTPS), while your CA11 is not secure and uses HTTP. Depending on the browser used, you can get the error “no permission to perform operation”.

This can mean that you have no rights in the TM1 application, but it can also mean that the user credentials are not passed on to the site.

Suggested solution:
If the servers are in different domains, this can be a solution:

When the TM1 Application Server does not accept the request at all, you can add an additional header so that pmpsvc accepts requests from certain domains. The header is described here:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referer

Log in to the TM1 server.
Open C:\Program Files\ibm\cognos\tm1_64\webapps\pmpsvc\WEB-INF\configuration\fpmsvc_config.xml in Notepad++.
Find the line:

name="X-Content-Type-Options" value="nosniff"

Add the following after the line above:

name="Referer" value="domain1.com;domain2.com"

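Restart the TM1 Application Server.

The setting will allow the pmpsvc URL to be called from any website within the domain1.com and domain2.com domains. Because the Referer header is supplied by the client, treat this as a restriction on which sites may call pmpsvc, not as authentication; the user still needs rights in the TM1 application.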

If a website is accessed over an HTTP Secure (HTTPS) connection and a link points to anywhere except another secure location, then the Referer field is not sent.
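
The downgrade rule above, and the reason the result can differ between browsers, as an added example that is not part of the original post: a simplified model of how the page's Referrer-Policy decides which Referer value pmpsvc receives. The host names and paths are constructed, and how pmpsvc matches the value against the configured domains is not modelled.

```javascript
// Added example. "Secure" is simplified to scheme https: (the spec also
// treats localhost and a few other origins as trustworthy).
function stripped(url, originOnly) {
  const u = new URL(url);
  if (u.protocol !== 'http:' && u.protocol !== 'https:') return null;
  if (originOnly) return u.origin + '/';          // origin-only form ends in "/"
  u.username = ''; u.password = ''; u.hash = '';  // drop credentials and fragment
  return u.href;
}

// Referer value sent for a request from fromUrl to toUrl, or null if none is sent.
function refererFor(policy, fromUrl, toUrl) {
  const from = new URL(fromUrl);
  const to = new URL(toUrl);
  const sameOrigin = from.origin === to.origin;
  const downgrade = from.protocol === 'https:' && to.protocol !== 'https:';
  switch (policy) {
    case 'no-referrer':
      return null;
    case 'no-referrer-when-downgrade':
      return downgrade ? null : stripped(fromUrl, false);
    case 'same-origin':
      return sameOrigin ? stripped(fromUrl, false) : null;
    case 'origin':
      return stripped(fromUrl, true);
    case 'strict-origin':
      return downgrade ? null : stripped(fromUrl, true);
    case 'origin-when-cross-origin':
      return stripped(fromUrl, !sameOrigin);
    case 'strict-origin-when-cross-origin':
      if (sameOrigin) return stripped(fromUrl, false);
      return downgrade ? null : stripped(fromUrl, true);
    case 'unsafe-url':
      return stripped(fromUrl, false);
    default:
      throw new Error('unknown policy: ' + policy);
  }
}

// Constructed URLs: CA11 portal on HTTP, TM1 Application Server on HTTPS.
const CA11 = 'http://ca11.domain1.com/ibmcognos/bi/?perspective=home#ws';
const TM1 = 'https://tm1.domain2.com/pmpsvc/';

function demo() {
  const policies = ['strict-origin-when-cross-origin',
    'no-referrer-when-downgrade', 'same-origin', 'no-referrer'];
  return policies.map((p) => [p, refererFor(p, CA11, TM1)]);
}
console.log(demo());
```

With the current browser default, strict-origin-when-cross-origin, pmpsvc receives only the origin of the CA11 page; under same-origin or no-referrer it receives no Referer at all.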