Hi Colm, I remember there was some good reason supporting this change (possibly as part of one of initial 2.0.0 issues): I'll investigate tomorrow and report.
Regards. On 28 June 2016 16:40:49 CEST, Colm O hEigeartaigh <cohei...@apache.org> wrote: >Hi, > >Just wanted to check before filing a JIRA. With the latest >2.0.0-SNAPSHOT, >I noticed that accessing the REST API without supplying a >username/password >returns 403 as opposed to the old 401. > >wget http://localhost:9080/syncope/rest/users > >--2016-06-28 15:40:01-- http://localhost:9080/syncope/rest/users >Resolving localhost (localhost)... 127.0.0.1 >Connecting to localhost (localhost)|127.0.0.1|:9080... connected. >HTTP request sent, awaiting response... 403 >2016-06-28 15:40:01 ERROR 403: (no description). > >Whereas with 1.2.7: > >wget http://localhost:9080/syncope/rest/users >--2016-06-28 15:29:42-- http://localhost:9080/syncope/rest/users >Resolving localhost (localhost)... 127.0.0.1 >Connecting to localhost (localhost)|127.0.0.1|:9080... connected. >HTTP request sent, awaiting response... 401 Unauthorized > >Username/Password Authentication Failed. > >This means that if you open up a web browser and try to access say: > >http://localhost:9080/syncope/rest/users > >a pop-up windows does not appear for the user to enter the >user/password. >Was there a reason for this change or will I file a bug? > >Thanks, > >Colm. -- Francesco Chicchiriccò Tirasa - Open Source Excellence http://www.tirasa.net/ Involved at The Apache Software Foundation: member, Syncope PMC chair, Cocoon PMC, Olingo PMC, CXF Committer, OpenJPA Committer http://home.apache.org/~ilgrosso/
