Project

General

Profile

Bug #7092

API doesn't send WWW-Authenticate header

Added by Brian Rak almost 7 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
API
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:

Description

If foreman receives an API request with no Authorization header, it should include the WWW-Authenticate header in the response. Not doing this prevents wget from understanding that it needs to reply with the header. (You can override this with --auth-no-challenge, but it's confusing).

See http://tools.ietf.org/html/rfc2617#section-3.2.1

Also available in: Atom PDF