Details
-
Bug
-
Resolution: Fixed
-
Blocker
-
None
-
Pollux Core S5
Description
SessionAuthAgent expects a login and password to be created. This is fine if the authentication is done by the REST client itself. And if the authentication is done before the CAPI instantiation (for instance in a plain login form), you are blocked since you can not get the login/password and and you can not inject the sessionName, sessionId and the CSRF token. I think we should implement a third auth agent that takes the sessionName, the sessionId and the CSRF token to tackle this usecase.