Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: High
Fix Version/s: Customer request, 3.3.10
Affects Version/s: 3.3.6
Component/s: Commerce, Content, Experience
Labels:
None

Description

Steps to reproduce

Enable JWT (https://doc.ibexa.co/en/latest/guide/security/#jwt-authentication)
Generate a new token
Perform REST call that uses POST method (for instance: create content)

Result

An exception about missing permissions is thrown.

Root cause

By its nature JWT is stateless. LoginListener starts session and therefore the operation is executed as anonymous user.

Designs

Attachments

Issue Links

relates to

EZEE-3331 Recommendation Client sends login notification even if user logged via API (REST / GraphQL)

Closed

Activity

People

Assignee:: Unassigned

Reporter:: Kamil Madejski

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 24/Aug/21 1:19 PM

Updated:: 07/Oct/21 2:15 PM

Resolved:: 07/Oct/21 2:15 PM