Please upgrade to 2.1.x here.
The 2.0 branch is no longer being updated.
Important security fix: 2.1.10
, released 4 May.
ProxyConnect doesn't request authenticate url when we type the vanilla url in the browser
I have implemented SSO between my rails app and vanilla using ProxyConnect. The issue is that when I log into my rails app and then open vanilla in another tab (or in the same tab) it doesn't access the authenticate url, but when I explicitly click the sign in button it accesses the authenticate url (I can see it in the logs) and the user is shown as logged in.
Is there some kind of caching in place that I need to turn off so that it calls the authenticate url whenever vanilla is accessed and login cookie is not set.
On a side note: Can we somehow turn off the username requirement for vanilla. I had to implement a separate flow and take username when user tries to access vanilla for the first time. Why can't we use email as the username? These days people hate filling forms...smaller the better.
0 · ·