Running VE on MW (1.31) with remote SSO (SAML) authentication seeing the following problem when session expires and needs to be revalidated by the remote SSO:
- VE fails to revalidate with remote SSO
(standard source edit revalidates no problem)
From the Developers console of the browser I can see that VE is trying to use JS to contact the server via the API and is getting redirected to the SSO (as it should). The SSO, however, is refusing the process the request (causing the VE client JS to fail) with the message:
[client request] blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource."
I have no ability to alter the CORS policy of my SSO. The only hope for resolving this issue is to update VE to meet the requirements of the SSO.
Curious if this is this something the VE developers could implement easily? .. or is this something way more complicated than I'm aware of.