You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The backoffice UI API calls to "old API" endpoints (aka those protected by old_api_secured firewall) fail when user hasn't checked the remember me on this computer" box during sign-in.
Steps to reproduce
On the login page the "remember me on this computer" checkbox defaults to unchecked, so by default when a user signs in the BAPRM cookie isn't set.
If I leave this box unchecked when I sign in, those backoffice functions which use the "old API" no longer work - the requests fail with a 401 exception:
(here I was trying to close the sidebar using the arrow in the bottom(ish) right)
If I check the "remember me on this computer" box when I sign in, the sidebar functionality works as expected - I can open/close the sidebar, add note widgets, etc.
(here I was successful in closing the sidebar after signing out and signing back in with the "remember me" box checked)
This affects all backoffice functionality which uses /api/rest/... API calls not just the sidebar - eg: saving datagrid custom views, datagrid row actions
Actual Result
The "old API" requires a "remember me" token to function.
Expected Result
The "old API" should not depend on the "remember me" token for authentication, since not every authenticated user will have one.
Summary
The backoffice UI API calls to "old API" endpoints (aka those protected by
old_api_securedfirewall) fail when user hasn't checked the remember me on this computer" box during sign-in.Steps to reproduce
On the login page the "remember me on this computer" checkbox defaults to unchecked, so by default when a user signs in the
BAPRMcookie isn't set.If I leave this box unchecked when I sign in, those backoffice functions which use the "old API" no longer work - the requests fail with a 401 exception:
(here I was trying to close the sidebar using the arrow in the bottom(ish) right)
If I check the "remember me on this computer" box when I sign in, the sidebar functionality works as expected - I can open/close the sidebar, add note widgets, etc.
(here I was successful in closing the sidebar after signing out and signing back in with the "remember me" box checked)
This affects all backoffice functionality which uses
/api/rest/...API calls not just the sidebar - eg: saving datagrid custom views, datagrid row actionsActual Result
The "old API" requires a "remember me" token to function.
Expected Result
The "old API" should not depend on the "remember me" token for authentication, since not every authenticated user will have one.
Details about your environment
The text was updated successfully, but these errors were encountered: