deltacloud-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tomas Sedovic (JIRA)" <j...@apache.org>
Subject [jira] [Created] (DTACLOUD-323) Incorrect responses for json requests with missing/invalid credentials
Date Wed, 19 Sep 2012 13:42:07 GMT
Tomas Sedovic created DTACLOUD-323:
--------------------------------------

             Summary: Incorrect responses for json requests with missing/invalid credentials
                 Key: DTACLOUD-323
                 URL: https://issues.apache.org/jira/browse/DTACLOUD-323
             Project: DeltaCloud
          Issue Type: Bug
          Components: Server
         Environment: Deltacloud 1.0.3 running from source under Fedora 17, 64bit.
            Reporter: Tomas Sedovic


Requesting a JSON resource that requires authentication (e.g. images) and passing either empty
or incorrect credentials results in unexpected responses: 406 for wrong username/password
and empty response + server-side exception for missing credentials.

Steps:
1. cd deltacloud/server
2. git checkout release-1.0.3
3. ./bin/deltacloudd -i mock
4. In another shell run these commands:

    $ curl -v http://localhost:3001/api/images -H 'Accept: application/json' -u mockuser:mockpassword
    result: HTTP/1.1 200 OK  (this is correct)

    $ curl -v http://localhost:3001/api/images -H 'Accept: application/json' -u mockuser:badpassword
    result: HTTP/1.1 406 Not Acceptable; expected: 401 Unauthorized

    $ curl -v http://localhost:3001/api/images -H 'Accept: application/json'
    result: curl: (52) Empty reply from server, the Deltacloud server logs an exception stacktrace
(attached)
    excepted: 401 Unauthorized, no exception on the server 

Tested on Mock and EC2 drivers. This happens only when requesting JSON-formatted data. Asking
for XML returns 401 in both cases.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message