Tomas Sedovic created DTACLOUD-323:
--------------------------------------
Summary: Incorrect responses for json requests with
missing/invalid credentials
Key: DTACLOUD-323
URL: https://issues.apache.org/jira/browse/DTACLOUD-323
Project: DeltaCloud
Issue Type: Bug
Components: Server
Environment: Deltacloud 1.0.3 running from source under Fedora 17,
64bit.
Reporter: Tomas Sedovic
Requesting a JSON resource that requires authentication (e.g. images) and
passing either empty or incorrect credentials results in unexpected responses:
406 for wrong username/password and empty response + server-side exception for
missing credentials.
Steps:
1. cd deltacloud/server
2. git checkout release-1.0.3
3. ./bin/deltacloudd -i mock
4. In another shell run these commands:
$ curl -v http://localhost:3001/api/images -H 'Accept: application/json' -u
mockuser:mockpassword
result: HTTP/1.1 200 OK (this is correct)
$ curl -v http://localhost:3001/api/images -H 'Accept: application/json' -u
mockuser:badpassword
result: HTTP/1.1 406 Not Acceptable; expected: 401 Unauthorized
$ curl -v http://localhost:3001/api/images -H 'Accept: application/json'
result: curl: (52) Empty reply from server, the Deltacloud server logs an
exception stacktrace (attached)
excepted: 401 Unauthorized, no exception on the server
Tested on Mock and EC2 drivers. This happens only when requesting
JSON-formatted data. Asking for XML returns 401 in both cases.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
