Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Major
Fix Version/s: 2.0.5
Affects Version/s: 2.0.4
Component/s: None
Labels:
None

Template:

Bug template
Acceptance criteria:

Empty

show more show less
Task DoD:

show more show less
Bug DoR:

show more show less
Epic Link:
CLOUD-1055
Sprint:
AdminX 14
Story Points:
2

Steps to reproduce

Define a custom REST endpoint and a dedicated ContainerRequestFilter to handle the authentication over JWT through the Authorization header
Allow anonymous access on that endpoint to bypass the Magnolia login process

Expected results

The request hits directly the ContainerRequestFilter, which will take care of the Authorization.

Actual results

The SSO filter intercepts the request and stops it as the passed token has not been signed by the IDP configured in the SSO config.

Workaround

As mentioned in the Slack thread by Nguyen Phung, we could extend the SSO module and remove the Header matcher defined here
https://git.magnolia-cms.com/projects/ENTERPRISE/repos/magnolia-sso/browse/magnolia-sso[…]agnolia/sso/SsoModule.java?at=refs%2Fheads%2Frelease%2F2.0

But that'll require customizing the module which is not ideal.

Development notes

Acceptance criteria

1.	Implementation	Completed	Nguyen Phung Chi
2.	Review	Completed	Evzen Fochr
3.	PiQA	Closed	Unassigned
4.	Final QA	Completed	Evzen Fochr

Assignee:: Nguyen Phung Chi

Reporter:: Adrien Manzoni

Team:: AdminX

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 04/Jul/22 2:38 PM

Updated:: 03/Aug/22 6:08 PM

Resolved:: 19/Jul/22 2:20 PM

Date of First Response:: 11/Jul/22 8:40 AM

Bug DoR

Task DoD

Estimated:

Not Specified

Remaining:

Not Specified

Logged:

0.5d

Include sub-tasks

Details

Description

Steps to reproduce

Expected results

Actual results

Workaround

Development notes

Checklists

Attachments

Sub-Tasks

Activity

People

Dates

Checklists

Time Tracking