Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: High
Fix Version/s: QA tracked issues, 5.2-rc1
Affects Version/s: 5.1, 5.2-dev
Component/s: Documentation, Platform > REST API v2
Labels:
None
Environment:

rhel, mysql

Description

When using session based auth in REST v2 you need also to send the is_logged_in cookie.
This is needed for LS integration.
But AFAIK in at least 5.0 and 5.1 session based auth depends partly on legacy and the cookie is indeed needed

So, in the spec, the is_logged_in cookie should be explained in the "1.2.3 Session based Authentication" chapter, maybe more precise in the "1.2.3.1 Session cookie" chapter

Attachments

Issue Links

discovered while testing

EZP-20322 Specify csrf use in REST for use with session based auth

Closed

relates to

EZP-22500 Documentation: REST API Authentication requires is_logged_in cookie information

Closed

links to

PR ezpublish-kernel#550

Activity

People

Assignee:: Unassigned

Reporter:: Vidar Langseid

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 11/Jun/13 3:42 PM

Updated:: 19/Mar/14 10:41 PM

Resolved:: 09/Oct/13 4:38 PM

Time Tracking

Estimated:

Not Specified

Remaining:

Logged: