I am using external auth in Icingaweb2, and am wondering how others have solved this issue. Since the web application is built the way it is, on occasion I will get a window full of ‘Unauthorized’ messages. Is there any way (in the Icingaweb2 configuration) to have the entire page refresh when a 401 message shows up?
We use external authentication with Apache httpd as reverse proxy to php-fpm and it’s worked flawlessly ever since it was deployed. I’d look into Apache’s logs to look for the cause of this problem.
Ok, thanks! In my case it works after a refresh. My suspicion is that iframe requests don’t refresh the state cookie which means this needs to be allowed too.