Details
-
Bug
-
Resolution: Done
-
Blocker
-
7.1.0.DR13
Description
When accessing application configured with SPNEGO + FORM fallback, then user get 404 on first http GET instead of 401, therefore is unable to authenticate.
[mchoma@localhost ~]$ curl -v http://localhost.localdomain:8080/be4459d3-1eb1-4aa9-a42a-e6a63c1d33c5/protected/SimpleSecuredServlet * Hostname was NOT found in DNS cache * Trying 127.0.0.1... * Connected to localhost.localdomain (127.0.0.1) port 8080 (#0) > GET /be4459d3-1eb1-4aa9-a42a-e6a63c1d33c5/protected/SimpleSecuredServlet HTTP/1.1 > User-Agent: curl/7.37.0 > Host: localhost.localdomain:8080 > Accept: */* > < HTTP/1.1 404 Not Found < Expires: 0 < Cache-Control: no-cache, no-store, must-revalidate < X-Powered-By: Undertow/1 < Set-Cookie: JSESSIONID=0O3kk4WJTVuH0XuWriO_d_M6HMCb83Ri7UZmtUU0.localhost; path=/be4459d3-1eb1-4aa9-a42a-e6a63c1d33c5 * Server JBoss-EAP/7 is not blacklisted < Server: JBoss-EAP/7 < Pragma: no-cache < Date: Fri, 03 Mar 2017 09:15:41 GMT < Connection: keep-alive < WWW-Authenticate: Negotiate < Content-Type: text/html;charset=UTF-8 < Content-Length: 149 < * Connection #0 to host localhost.localdomain left intact <html><head><title>Error</title></head><body>/be4459d3-1eb1-4aa9-a42a-e6a63c1d33c5/protected/http:/localhost.localdomain:8080/login.jsp</body></html>[mchoma@localhost ~]$
Changing in web.xml <auth-method>SPNEGO,FORM</auth-method> to <auth-method>SPNEGO</auth-method> makes SPNEGO work again.
Attachments
Issue Links
- is cloned by
-
-
- Resolved
-
