Default realm is always returned with HTTP 401 #5284

sberyozkin · 2019-11-07T13:36:45Z

Describe the bug
Andrey has reported that a default Quarkus realm is returned with 401 even when a property such as quarkus.security.users.file.realm-name=MyRealm is set.

Expected behavior
WebAuthenticate needs to have a custom realm name set.

The text was updated successfully, but these errors were encountered:

belyaev-andrey · 2019-11-07T15:32:08Z

It looks like this is it and you're aware of this issue.

io.quarkus.vertx.http.runtime.security.HttpAuthenticator
lines 43 - 48

            if (!usernamePassword.isUnsatisfied()) {
                //TODO: config
                mechanism = new BasicAuthenticationMechanism("Quarkus");
            } else {
                mechanism = new NoAuthenticationMechanism();
            }

- Use synthetic beans to configure form and basic auth - Allow multiple authentication mechanisms - Better default behaviour based on what is configured Fixes quarkusio#7768 Fixes quarkusio#5284

sberyozkin added kind/bug Something isn't working area/security labels Nov 7, 2019

sberyozkin mentioned this issue Nov 7, 2019

CORS should return correct headers even if an authorization header is wrong #3685

Closed

stuartwdouglas mentioned this issue Mar 20, 2020

Authentication fixes #8006

Merged

gsmet closed this as completed in #8006 Mar 26, 2020

gsmet added this to the 1.3.1.Final milestone Mar 26, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Default realm is always returned with HTTP 401 #5284

Default realm is always returned with HTTP 401 #5284

sberyozkin commented Nov 7, 2019

belyaev-andrey commented Nov 7, 2019

Default realm is always returned with HTTP 401 #5284

Default realm is always returned with HTTP 401 #5284

Comments

sberyozkin commented Nov 7, 2019

belyaev-andrey commented Nov 7, 2019