BUG: After creating new route: The security context contained no tokens which could be authenticated. #2832
Open
Description
Description
This issue is about that sometimes new secured routes wont work directly but one needs to destroy the Flow session (eg. log in log out or ./ flow session:destroyall)
I always encountered this issue specifically when creating a new backend route for the neos ui (eg. /neos/blabla)
But i will investigate what the minimal way to reproduce this behavior is.
Steps to Reproduce
see slack: https://neos-project.slack.com/archives/C050C8FEK/p1632390981305100
or:
- Create a new neos backend route (will provide the steps)
- Test the route in the browser
Expected behavior
one is authenticated
Actual behavior
one is not authenticated. The flow session needs to be destroyed eg: log in log out (in neos ui) or ./ flow session:destroyall
The security context contained no tokens which could be authenticated.
Evaluated following 1 privilege target(s):
"Neos.Neos:Backend.OtherUsersPersonalWorkspaceAccess": ABSTAIN
(0 granted, 0 denied, 1 abstained)
Exception Code 1258721059
Exception Type Neos\Flow\Security\Exception\NoTokensAuthenticatedException
Log Reference 20220420083951d4c663
Thrown in File Data/Temporary/Development/Cache/Code/Flow_Object_Classes/Neos_Flow_Security_Authorization_Interceptor_PolicyEnforcement.php
Line 104
Original File Packages/Framework/Neos.Flow/Classes/Security/Authorization/Interceptor/PolicyEnforcement.php
Affected Versions
Neos & Flow & UI: 7.3