I am getting a security restriction error when I run gliderecord query to syslog table from scoped-app in San Diego

Go to solution
kyciranne
Giga Expert

‎03-07-2022 06:50 PM

I am getting an error when I run gliderecord query to syslog table from scoped-app in San Diego

Security restricted: When targeting a global resource, only ServiceNow authored scopes are allowed as sources

Couldn't decipher the stack trace resulting from the following JavaScriptException:
com.glide.script.fencing.access.ScopeAccessNotGrantedException: read access to syslog not granted: org.mozilla.javascript.JavaScriptException: com.glide.script.fencing.access.ScopeAccessNotGrantedException: read access to syslog not granted: org.mozilla.javascript.Context.makeJavaScriptException(Context.java:1952)

Labels:
0 Helpfuls
  • 3,722 Views
1 ACCEPTED SOLUTION

Go to solution
Maik Skoddow
Tera Patron
Tera Patron
In response to kyciranne

‎03-07-2022 07:19 PM

Hi @kyciranne 

thanks for the feedback. This is something new to me.

To access the syslog table your only workaround is the create a "proxy" script include in the global scope.

Watch the following video: https://www.youtube.com/watch?v=yx23wKB7uYM

Kind regards
Maik

View solution in original post

7 REPLIES 7

Go to solution
Maik Skoddow
Tera Patron
Tera Patron

‎03-07-2022 06:58 PM

Hi @kyciranne 

check whether the following configuration is set on the config record of the syslog table

find_real_file.png

Kind regards
Maik

Preview file
36 KB
0 Helpfuls

Go to solution
kyciranne
Giga Expert

‎03-07-2022 07:12 PM

Thanks Maik, there is a new implementation of ServiceNow on the syslog table where they added caller restriction on the table

find_real_file.png

Preview file
20 KB

Go to solution
Maik Skoddow
Tera Patron
Tera Patron
In response to kyciranne

‎03-07-2022 07:19 PM

Hi @kyciranne 

thanks for the feedback. This is something new to me.

To access the syslog table your only workaround is the create a "proxy" script include in the global scope.

Watch the following video: https://www.youtube.com/watch?v=yx23wKB7uYM

Kind regards
Maik

Go to solution
CMDB Whisperer
Mega Sage
Mega Sage
In response to Maik Skoddow

‎01-20-2023 09:38 AM

Of special note here: as of San Diego I could create that proxy/wrapper script inside a Global studio application.  As long as the application was created with a Global scope, ServiceNow was able to use the wrapper function as shown here.  However, as of Tokyo this no longer is the case.  It must be "fully Global" to operate as a wrapper for enabling cross-scope access.  Otherwise you will still get the message "When targeting a global resource, only ServiceNow authored scopes are allowed as sources"


The opinions expressed here are the opinions of the author, and are not endorsed by ServiceNow or any other employer, company, or entity.