Finally, i figured it out. instead of the old Cookie scheme, graylog is using local storage of HTML 5 and keeping the sessionId and username that could be set and get anywhere on javascript
On Wednesday, December 7, 2016 at 7:25:33 PM UTC+3:30, [email protected] wrote: > > Thank you for your answer, > So on new tab (not exactly after login) how the web UI requests would be > authenticated? > Just the first /system/sessions rest (the one with POST after login) > contains non-null session_id, so after that how the authentication tokens > would be generated? > Is that possible to use Access Token with web ui client? > > On Wednesday, December 7, 2016 at 6:39:03 PM UTC+3:30, Jochen Schalanda > wrote: >> >> Hi, >> >> On Wednesday, 7 December 2016 15:20:42 UTC+1, [email protected] wrote: >>> >>> here are some other modules which i'm using and they are working with >>> the cookies, so just converting the cookie name back and forth is ok but >>> graylog does not use cookie >>> >> >> Correct, Graylog is using Basic Auth (as described in the documentation) >> for authenticating against the Graylog REST API. It doesn't use or support >> cookies. >> >> Cheers, >> Jochen >> > -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/a87f5f58-d147-42d5-a168-ffe2ece52d71%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
