Bug 793 - WWW-Authenticate header field is missing
Summary: WWW-Authenticate header field is missing
Status: RESOLVED DUPLICATE of bug 629
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: SWAT (show other bugs)
Version: 3.0.0
Hardware: All All
: P4 minor
Target Milestone: none
Assignee: John H Terpstra (mail address dead(
QA Contact:
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-11-19 06:07 UTC by Mikulas Patocka
Modified: 2003-11-21 22:13 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Mikulas Patocka 2003-11-19 06:07:12 UTC
When you go to SWAT page, it responds with

HTTP/1.0 401 Authorization Required
WWW-Authenticate: Basic realm="SWAT"
Connection: close
Content-Type: text/html

When you enter bad username/password, you get response:

HTTP/1.0 401 Bad Authorization
Connection: close
Content-Type: text/html

This response is violating RFC1945. According to RFC all 401 responses must
include WWW-Authenticate field (section 9.4).

This prevents users of browser links-2.1pre14 from logging into SWAT when they
enter bad password first time.
Comment 1 Gerald (Jerry) Carter (dead mail address) 2003-11-21 22:13:38 UTC

*** This bug has been marked as a duplicate of 629 ***