[jira] [Commented] (SLING-2443) Missing WWW-Authenticate header on OPTIONS request with trunk servlets.resolver bundle

Tue, 20 Mar 2012 10:10:01 -0700 

    [ 
https://issues.apache.org/jira/browse/SLING-2443?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13233562#comment-13233562
 ] 

Bertrand Delacretaz commented on SLING-2443:
--------------------------------------------

IIUC it's jackrabbit's AbstractWebdavServlet. sendUnauthorized(...) method that 
sends this:

response.setHeader("WWW-Authenticate", getAuthenticateHeaderValue());
        if (error == null || error.getErrorCode() != 
HttpServletResponse.SC_UNAUTHORIZED) {
            response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
        } else {
            response.sendError(error.getErrorCode(), error.getStatusPhrase());
        }

and that looks a bit tricky to override (just had a quick look)

[1] 
http://svn.apache.org/repos/asf/jackrabbit/trunk/jackrabbit-webdav/src/main/java/org/apache/jackrabbit/webdav/server/AbstractWebdavServlet.java
                
> Missing WWW-Authenticate header on OPTIONS request with trunk 
> servlets.resolver bundle
> --------------------------------------------------------------------------------------
>
>                 Key: SLING-2443
>                 URL: https://issues.apache.org/jira/browse/SLING-2443
>             Project: Sling
>          Issue Type: Bug
>          Components: Servlets
>            Reporter: Bertrand Delacretaz
>
> Running the launchpad/builder standalone jar from the trunk correctly returns 
> an WWW-Authenticate header on an OPTIONS request with no credentials:
> $ curl -D - -X OPTIONS http://localhost:8080/
> HTTP/1.1 401 Unauthorized
> WWW-Authenticate: Basic realm="Jackrabbit Webdav Server"
> Content-Type: ...
> But if I replace the org.apache.sling.servlets.resolver 2.1.0 bundle that's 
> in there with the latest snapshot (revision 1302994) that header is missing: 
> it gets removed by the response.reset() call in 
> DefaultErrorHandlerServlet.sendIntro(...), which makes it impossible to 
> connect with WebDAV.
> That response.reset() call was not present in 2.1.0.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: 
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

Reply via email to