REST API violation in BMC smart proxy API
[root@puppet ~]# wget --header "Accept: application/json"
HTTP/1.1 400 Bad Request
Date: Wed, 11 Feb 2015 13:38:43 GMT
Server: WEBrick/1.3.1 (Ruby/1.8.7/2011-06-30) OpenSSL/1.0.1e
2015-02-11 14:38:43 ERROR 400: Bad Request.
This is because of the `raise` at . A proper REST implementation
should instead return a "401 Unauthorized" code to indicate the client
to retry with credentials. Although I do admire the technical prowess of
the hack, I would question the (ab)use of the basic authentication
mechanism for passing the ipmi username/password.
This can be worked around by passing "--auth-no-challenge" to wget to
force sending the credentials without being issued a 401.