** Changed in: keystone
Status: Fix Committed => Fix Released
** Changed in: keystone
Milestone: None => icehouse-1
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to Keystone.
https://bugs.launchpad.net/bugs/1153719
Title:
401 responses do not include WWW-Authenticate header
Status in OpenStack Identity (Keystone):
Fix Released
Bug description:
When an HTTP 1.1 server responds with 401 status code, it MUST include
a WWW-Authenticate header. Keystone is not including the WWW-
Authenticate header when it responds with 401.
See http://tools.ietf.org/html/rfc2616#section-10.4.2
$ curl -i http://localhost:5000/v3/projects ; echo
HTTP/1.1 401 Not Authorized
Vary: X-Auth-Token
Content-Type: application/json
Content-Length: 116
Date: Mon, 11 Mar 2013 18:35:57 GMT
{"error": {"message": "The request you have made requires
authentication.", "code": 401, "title": "Not Authorized"}}
The server should have included WWW-Authenticate in the response. I don't
know what it should be set to, but according to the HTTP 1.1 RFC, it has to be
set to something.
To manage notifications about this bug go to:
https://bugs.launchpad.net/keystone/+bug/1153719/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
