[ATLAS-1951] Regression: Any REST API request without user credentials results in 302 redirect to login.jsp. Actually, the correct response should be 401. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Critical
Resolution: Fixed
Affects Version/s: 1.0.0
Fix Version/s: 1.0.0
Component/s: atlas-core
Labels:
None

Description

Regression: Any REST API request to atlas without user credentials results in 302 redirect( login.jsp), but the actual response code should be 401 unauthorized.

This issue could have been introduced as part of new spring changes.

For example:

curl -v -X GET "http://ctr-e133-1493418528701-181199-01-000002.hwx.site:21000"
* Rebuilt URL to: http://ctr-e133-1493418528701-181199-01-000002.hwx.site:21000/
*   Trying 172.27.56.2...
* Connected to ctr-e133-1493418528701-181199-01-000002.hwx.site (172.27.56.2) port 21000 (#0)
> GET / HTTP/1.1
> Host: ctr-e133-1493418528701-181199-01-000002.hwx.site:21000
> User-Agent: curl/7.43.0
> Accept: */*
>
< HTTP/1.1 302 Found
< Date: Fri, 14 Jul 2017 11:16:42 GMT
< Set-Cookie: ATLASSESSIONID=1i0rxnm66dd3h17xyhvstk0vck;Path=/;HttpOnly
< Expires: Thu, 01 Jan 1970 00:00:00 GMT
< X-Frame-Options: DENY
< Location: http://ctr-e133-1493418528701-181199-01-000002.hwx.site:21000/login.jsp
< Content-Length: 0
< Server: Jetty(9.2.12.v20150709)
<
* Connection #0 to host ctr-e133-1493418528701-181199-01-000002.hwx.site left intact

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

ATLAS-1951.patch
26/Jul/17 14:18
2 kB
Nixon Rodrigues

Activity

People

Assignee:: Nixon Rodrigues

Reporter:: Ayub Pathan

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 14/Jul/17 11:22

Updated:: 27/Jul/17 04:58

Resolved:: 27/Jul/17 04:58