Skip to content

O
OHR Support
Commit aa4d1fe8 authored by Jean-Philippe Lang's avatar Jean-Philippe Lang
Browse files
Options

Fixed: API 401 response does not include WWW-Authenticate header (#5322). 

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3679 e93f8b46-1217-0410-a6f0-8f06a7374b81
parent 2c0ce104
Hide whitespace changes
Inline Side-by-side
Showing with 25 additions and 2 deletions
app/controllers/application_controller.rb
View file @ aa4d1fe8
...@@ -128,8 +128,8 @@ class ApplicationController < ActionController::Base ...@@ -128,8 +128,8 @@ class ApplicationController < ActionController::Base
respond_to do |format| respond_to do |format|
format.html { redirect_to :controller => "account", :action => "login", :back_url => url } format.html { redirect_to :controller => "account", :action => "login", :back_url => url }
format.atom { redirect_to :controller => "account", :action => "login", :back_url => url } format.atom { redirect_to :controller => "account", :action => "login", :back_url => url }
format.xml { head :unauthorized } format.xml { head :unauthorized, 'WWW-Authenticate' => 'Basic realm="Redmine API"' }
format.json { head :unauthorized } format.json { head :unauthorized, 'WWW-Authenticate' => 'Basic realm="Redmine API"' }
end end
return false return false
end end
......
test/integration/http_basic_login_test.rb
View file @ aa4d1fe8
...@@ -44,6 +44,18 @@ class HttpBasicLoginTest < ActionController::IntegrationTest ...@@ -44,6 +44,18 @@ class HttpBasicLoginTest < ActionController::IntegrationTest
assert_equal User.anonymous, User.current assert_equal User.anonymous, User.current
end end
end end
context "without credentials" do
setup do
get "/projects/onlinestore/news.xml"
end
should_respond_with :unauthorized
should_respond_with_content_type :xml
should "include_www_authenticate_header" do
assert @controller.response.headers.has_key?('WWW-Authenticate')
end
end
end end
context "in :json format" do context "in :json format" do
...@@ -76,5 +88,16 @@ class HttpBasicLoginTest < ActionController::IntegrationTest ...@@ -76,5 +88,16 @@ class HttpBasicLoginTest < ActionController::IntegrationTest
end end
end end
context "without credentials" do
setup do
get "/projects/onlinestore/news.json"
end
should_respond_with :unauthorized
should_respond_with_content_type :json
should "include_www_authenticate_header" do
assert @controller.response.headers.has_key?('WWW-Authenticate')
end
end
end end
end end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment