Hi @erwanlc - thanks for your patience here. Been talking with @Chris_Knoll and we have a few more items we’d like to confirm with you. First, on the database side, can you execute the following query to confirm all of the role permissions:
select
u.id user_id,
u.login,
r.id role_id,
r.name role_name,
p.id permission_id,
p.value,
p.description
from webapi.sec_permission p
inner join webapi.sec_role_permission rp ON p.id = rp.permission_id
inner join webapi.sec_user_role ur ON ur.role_id = rp.role_id
inner join webapi.sec_role r ON ur.role_id = r.id
inner join webapi.sec_user u ON ur.user_id = u.id
where u.id = 1003
order by r.id, p.id
You may need to alter this query if you installed the WebAPI into a different schema. Could you share the results of this query? You should hopefully something similar to this:
The next item we’d like to confirm: when you click the Sign In button and choose the Windows authentication, can you confirm that your Windows Credentials are displayed in the Atlas pop-up? Please see my screen shot from earlier.
In addition, open the Google Chrome Developer Console and run the following commands via the Console:
pageModel.authApi.isAuthenticated()
pageModel.authApi.subject()
pageModel.authApi.isPermittedCreateCohort()
We are concerned that we don’t see these headers in the response:
Access-Control-Allow-Credentials:true
Access-Control-Allow-Origin:http://<your web server>
Access-Control-Expose-Headers:Bearer
These should should be set automatically by the WebAPI code that enables CORS filtering. The fact that these headers are not present could be the cause of any authentication issues.