Bug 793 - WWW-Authenticate header field is missing
WWW-Authenticate header field is missing
Status: RESOLVED DUPLICATE of bug 629
Product: Samba 3.0
Classification: Unclassified
Component: SWAT
All All
: P4 minor
: none
Assigned To: John H Terpstra
Depends on:
  Show dependency treegraph
Reported: 2003-11-19 06:07 UTC by Mikulas Patocka
Modified: 2003-11-21 22:13 UTC (History)
0 users

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Mikulas Patocka 2003-11-19 06:07:12 UTC
When you go to SWAT page, it responds with

HTTP/1.0 401 Authorization Required
WWW-Authenticate: Basic realm="SWAT"
Connection: close
Content-Type: text/html

When you enter bad username/password, you get response:

HTTP/1.0 401 Bad Authorization
Connection: close
Content-Type: text/html

This response is violating RFC1945. According to RFC all 401 responses must
include WWW-Authenticate field (section 9.4).

This prevents users of browser links-2.1pre14 from logging into SWAT when they
enter bad password first time.
Comment 1 Gerald (Jerry) Carter 2003-11-21 22:13:38 UTC

*** This bug has been marked as a duplicate of 629 ***