-
Task
-
Resolution: Unresolved
-
Neutral
-
None
-
None
-
None
-
None
-
-
Empty show more show less
-
Empty show more show less
Problem is that swagger is limited to run only from one configured domain(apiBasepath) and we are not support any kind of authentication(https://swagger.io/docs/specification/authentication/).
Example:
https://demo.magnolia-cms.com
https://demoauthor.magnolia-cms.com
Rest tool apiBasepath is configured to = https://demo.magnolia-cms.com/.rest
Then Rest Tools app works correctly if visited via https://demo.magnolia-cms.com, credentials of logged user are used(JSESSION).
If visited from https://demoauthor.magnolia-cms.com then "Can't read from server. It may not have the appropriate access-control-origin settings." occurs. We can use link CORS filter module to allow cross-origin resource sharing, but this doesn't help because we are accessing rest from different domain so all request are done by anonymous user
- is related to
-
MGNLREST-52 Default apiBasepath should include default ctx (magnoliaAuthor/magnoliaPublic) of bundle
- Closed