Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-58875

BasicAuthHeaderAuthVerifier is unable to send correct WWW-Authenticate challenge

    Details

      Description

      Steps to reproduce:

      1. Set jsonws.servlet.basic_auth=true in portal-ext.properties
      2. Start portal
      3. Execute in cmd line: curl -i http://localhost:8080/api/jsonws/country/get-countries

      Actual result: response contains WWW-Authenticate: Basic bnVsbDpudWxs

      Steps to verify the fix:

      1. update configuration file in your liferay bundle osgi/config/com.liferay.portal.security.auth.verifier.basic.auth.header.module.configuration.BasicAuthHeaderAuthVerifierConfiguration-default.cfg ... set forceBasicAuth=true, it should automatically redeploy the configuration
      2. or go to Config Admin in Control Panel and update it from there
      3. or go to localhost:8080/o/system/console/configMgr and update it from there (admin:admin)

      Expected result: response contains header WWW-Authenticate: Basic realm="PortalRealm"

        Attachments

          Activity

            People

            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Days since last comment:
                3 years, 45 weeks, 1 day ago

                Packages

                Version Package
                7.0.0 Alpha 2