Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-1963

Silent Basic let me access resource without credential

    XMLWordPrintable

Details

    • Bug
    • Resolution: Cannot Reproduce
    • Major
    • None
    • None
    • HTTP
    • None

    Description

      I use this configuration in web.xml <auth-method>BASIC?silent=true,FORM</auth-method> and I get 200 + content of protected resource when I access resource without credentials.

      If I use this configuration in web.xml <auth-method>BASIC?silent=true</auth-method> I get correctly empty content with 200 status code when I access without credentials.

      Zulip Chat 2019-01-04: https://wildfly.zulipchat.com/#narrow/stream/174178-eap/subject/EAP7-1154.20HTTP.20Basic.20Silent.20Operation

      Test Commit: https://github.com/mchoma/wildfly/commit/e191c211c7e224f835c933c31829e59777aa4008

      Attachments

        Activity

          People

            dvilkola@redhat.com Diana Krepinska
            mchoma@redhat.com Martin Choma
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: