New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[portal] Authorization cookie not properly handled in case of cross-domain #771

Closed
brasseld opened this Issue Sep 6, 2017 · 0 comments

Comments

Projects
None yet
2 participants
@brasseld
Member

brasseld commented Sep 6, 2017

OAuth2 authentication is not properly handled when UI and API does not share the same domain.
In that case, even if authentication is successful, authorization cookie is not persisted in browser session.

@brasseld brasseld added the type: bug label Sep 6, 2017

@brasseld brasseld self-assigned this Sep 6, 2017

brasseld added a commit to gravitee-io/gravitee-management-webui that referenced this issue Sep 6, 2017

brasseld added a commit to gravitee-io/gravitee-management-rest-api that referenced this issue Sep 6, 2017

@brasseld brasseld added this to the 1.9.0 milestone Sep 8, 2017

NicolasGeraud added a commit to gravitee-io/gravitee-management-webui that referenced this issue Sep 13, 2017

NicolasGeraud added a commit to gravitee-io/gravitee-management-rest-api that referenced this issue Sep 13, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment