You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi,
I think there is a problem with the authorization header for Keyrock and the cache. The authorization header is not stored in the cache (only action and resource are) and is in turn not checked on further requests. This leads to the situation, that on a successful request with the legit authorization header, the authorization headers are ignored on further requests and access is granted regardless of the header. Vice versa if the first request was denied, it will be denied again, even if the header is correct on the next request.
The text was updated successfully, but these errors were encountered:
Hi,
I think there is a problem with the authorization header for Keyrock and the cache. The authorization header is not stored in the cache (only action and resource are) and is in turn not checked on further requests. This leads to the situation, that on a successful request with the legit authorization header, the authorization headers are ignored on further requests and access is granted regardless of the header. Vice versa if the first request was denied, it will be denied again, even if the header is correct on the next request.
The text was updated successfully, but these errors were encountered: