[ https://issues.apache.org/jira/browse/AMBARI-19389?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Levas updated AMBARI-19389: ---------------------------------- Status: Patch Available (was: In Progress) > Authentication negotiation HTTP response should be sent when Kerberos > authentication is enabled > ----------------------------------------------------------------------------------------------- > > Key: AMBARI-19389 > URL: https://issues.apache.org/jira/browse/AMBARI-19389 > Project: Ambari > Issue Type: Bug > Components: ambari-server > Affects Versions: 2.5.0 > Reporter: Robert Levas > Assignee: Robert Levas > Labels: authentication, kerberos, security > Fix For: 2.5.0 > > Attachments: AMBARI-19389_branch-2.5_01.patch, > AMBARI-19389_trunk_01.patch > > > Authentication negotiation HTTP response should be automatically sent when > needed when Kerberos authentication is enabled. > The expected HTTP response during authentication failure when Kerberos > authentication into Ambari is enabled is as follows: > {noformat} > HTTP/1.1 401 Authentication requested > WWW-Authenticate: Negotiate > {noformat} > When Kerberos authentication into Ambari is not enabled the expected HTTP > response for an authentication failure is: > {noformat} > HTTP/1.1 403 Missing authentication token > {noformat} -- This message was sent by Atlassian JIRA (v6.3.4#6332)