Details
-
Bug
-
Resolution: Done
-
Blocker
-
1.2.7.Final
-
None
Description
. Set user a:a
. Set "Transport security required"
. Use correct credentials
. Access via non-HTTPS endpoint
Result: You see an error but the backend is still hit and its response is still returned.
curl http://a:a@localhost:8080/foo-bar/test/test/10 {"type":"Authentication","failureCode":10011,"responseCode":0,"message":"BASIC authentication failed.","headers":[{"WWW-Authenticate":"Basic realm=\"test-realm\""}]}{ "method" : "GET", "resource" : "/services/echo", "uri" : "/services/echo", "headers" : { "Accept" : "*/*", "Connection" : "Keep-Alive", "User-Agent" : "curl/7.50.1", "Host" : "localhost:8080", "Accept-Encoding" : "gzip" }, "bodyLength" : null, "bodySha1" : null, "counter" : 3 }