IBM Support

QRadar: Login page does not show any content



QRadar® login page does not show any content even though all relevant QRadar services are up and running including httpd and tomcat.


Launching the QRadar login page by using the URL: https://<hosname>|<IP_address>/console, the page shows blank and does not show the fields to enter the user-name and password.


One of the possible reasons for this issue could be that the file /opt/qradar/conf/login.conf was modified incorrectly thus causing QRadar to fail loading the file.

Diagnosing The Problem

In the /var/log/qradar.log file, these messages are observed:
::ffff:N.N.N.N [tomcat.tomcat] [HttpServletRequest-74-Idle] com.q1labs.uiframeworks.auth.configuration.LoginConfigurationManager: [INFO] [NOT:0000006000][N.N.N.N/- -] [-/- -]Reading and parsing /opt/qradar/conf/login.conf
::ffff:N.N.N.N [tomcat.tomcat] [HttpServletRequest-74-Idle] com.q1labs.uiframeworks.auth.AuthenticationVerificationFilter: [ERROR] [NOT:0000003000][N.N.N.N/- -] [-/- -]Failed to send redirect to logon.jsp
::ffff:N.N.N.N [tomcat.tomcat] [HttpServletRequest-74-Idle] java.lang.IllegalStateException: The current login configuration is invalid

Resolving The Problem

  1. Backup /opt/qradar/conf/login.conf to a location such as /store/IBM_Support/
    cp -p /opt/qradar/conf/login.conf /store/IBM_Support/
  2. Confirm that the file was modified recently and whether the contents are readable:
    ls -lath /opt/qradar/conf/login.conf
    cat /opt/qradar/conf/login.conf
    If the file was modified recently and the contents are not readable, revert to the original file if you have a backup.
    If a backup is not available, refresh the contents of the login.conf file by using the following command:
    cp /opt/qradar/conf/templates/login.conf  /opt/qradar/conf/login.conf
    Note: Modifying the contents of the login.conf file by using the previous command and then restarting the Tomcat service, enables the UI and allows local authentication (System authentication) for the administrator to get into the system. Further configuration steps would be necessary if your environment needs to be configured with some other authentication method.
  3. Restart the tomcat service:
    systemctl restart tomcat
  4. Confirm whether the tomcat and httpd services are active:
    systemctl status httpd
    ●httpd.service - The Apache HTTP Server
       Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset : disabled)
      Drop-In: /etc/systemd/system/httpd.service.d
    Active: active (running) since...
    systemctl status tomcat
    ● tomcat.service - Apache Tomcat
       Loaded: loaded (/usr/lib/systemd/system/tomcat.service; enabled; vendor preset: disabled)
      Drop-In: /etc/systemd/system/tomcat.service.d
       Active: active (running) since...
  5. Have users clear their browser cache and attempt to access the login page again. The login page is now be displayed correctly. If your environment uses any other authentication method, log in using the administrator credentials and take further action to enable the other authentication method.

Document Location


[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"ARM Category":[{"code":"a8m0z000000cwtIAAQ","label":"Dashboard"}],"ARM Case Number":"TS005119938","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]

Document Information

Modified date:
29 August 2023