FE login fails at first attempt with page shown in multiple browser tabs
When you have a page with loginbox open in 2 different browser tabs the login attempt on the first opened browser tab will fail.
[FE][loginSecurityLevel] = rsa
Updated by Markus Klein almost 10 years ago
- Category set to Authentication
Ok so this is not related to session handling but rsaauth.
A new key is generated for each request. So only the last key is valid. (all former keys are discarded)
We should change felogin to fetch the key on submit like the BE login does. But that would be a breaking change I fear.
Is this fixable at all?