Maybe its a host issue, sessions are bound to the hostname - are you posting the authentication request to the same host as the jsonp request? How does your vhost entry looks like?
jo 2013/6/27 Wordit <[email protected]>: > On 27 Jun 2013 17:23, "Johannes Jörg Schmidt" <[email protected]> wrote: >> >> Handlers defined in `[httpd] vhost_global_handlers` are already >> routed. By default: _utils, _uuids, _session, _oauth, _users. > > If /_session should be hit without a rewrite, then what may be the cause of > this 401 error? Is it a configuration issue? > > Marcus
