Hi there,
I’ve got a local 4.1 install running behind nginx with SSL using the build-in auth (i.e. no basic auth in nginx, just a straight pass through). I want to disable “Implicit user role” for the rest API but this apparently breaks the Android App.
As far as I can tell the reverse proxy is working properly, I’m able to use an existing session as well as start a new session in private browsing. The only smoking gun I have for something being wrong is that even when authenticated I get a 401 for /rest/sitemaps and I wonder if this is why the android app is not happy.
172.24.0.250 - - [21/Feb/2024:16:21:11 +0000] "POST /rest/auth/token HTTP/1.1" 200 841 "https://oh/settings/" "Mozilla/5.0 (X11; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" "-"
172.24.0.250 - - [21/Feb/2024:16:21:11 +0000] "GET /rest/sitemaps HTTP/1.1" 401 74 "https://oh/settings/" "Mozilla/5.0 (X11; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" "-"
172.24.0.250 - - [21/Feb/2024:16:21:11 +0000] "GET /service-worker.js HTTP/1.1" 304 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" "-"
172.24.0.250 - - [21/Feb/2024:16:21:11 +0000] "GET /rest/ HTTP/1.1" 200 446 "https://oh/settings/" "Mozilla/5.0 (X11; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" "-"
172.24.0.250 - - [21/Feb/2024:16:21:11 +0000] "GET /rest/services HTTP/1.1" 200 582 "https://oh/settings/" "Mozilla/5.0 (X11; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" "-"
172.24.0.250 - - [21/Feb/2024:16:21:11 +0000] "GET /rest/inbox HTTP/1.1" 200 33 "https://oh/settings/" "Mozilla/5.0 (X11; Linux x86_64; rv:122.0) Gecko/20100101 Firefox/122.0" "-"
Turning the implicit user role on and I get a 200 for the sitemap but I’m reticent to do that because I want to expose things that should require authentication.
Searching the forum hasn’t yielded anything quite like this. Has anyone got any ideas/pointers?
Thanks!