Yes, if I use a private browser window it works with the openapi-ui, but
then much like the other way around, the browser is "poisoned" and if I
attempt to go to the rest of the web application I just get a 401 and it
never sends me to the login page because it's going through the token
flow. I guess in a way this is Firefox's fault, but this doesn't seem
like that crazy of a scenario for an application. I assume I'm doing
something stupid :)
We have 3 realms, one is form based, one is certificate based and now
one is token based. Is there a way that I've missed to limit certain
URLs in the shiro.ini to certain realms?
On 10/24/2024 2:51 PM, Francois Papon wrote:
Hi,
May be it's related to cookie or cache. Did you try to use the openapi-ui with
an private or incognito browser tab?
regards,
François
