search

Campoie / rest-assured

Automatically exported from code.google.com/p/rest-assured
0 stars 0 forks source link

Spurious basic authorisation warning #38

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
I am using RestAssured version 1.0.3, from the central Maven repository. The 
code below is being used to test authentication for a user that does not exist.

given()
    .auth()
    .basic("abcd", "abCD1")
.expect()
    .statusCode(401)
.when()
    .get("/");

This test passes, but the logger displays the following message.

Mar 3, 2011 11:37:58 AM org.apache.http.impl.client.DefaultRequestDirector 
handleResponse
WARNING: Authentication error: basic authorization challenge expected, but not 
found

Below are the associated response headers.

$ curl -i http://localhost:8080
HTTP/1.1 401 Authorization Required
WWW-Authenticate: Basic realm="myapplication"
Content-Type: text/html;charset=ISO-8859-1
Cache-Control: must-revalidate,no-cache,no-store
Content-Length: 1391
Server: Jetty(7.3.0.v20110203)

$ curl --user abcd:abCD1 -i http://localhost:8080
HTTP/1.1 401 Unauthorized
Content-Type: text/html;charset=ISO-8859-1
Cache-Control: must-revalidate,no-cache,no-store
Content-Length: 1371
Server: Jetty(7.3.0.v20110203)

I have tried to find the cause of this message, but have had little luck thus 
far. I get no such warning for tests with malformed credentials (eg. 
"u:ser:passwo:rd") or well-formed credentials for a user that does exist.

Original issue reported on code.google.com by jocon...@internode.com.au on 3 Mar 2011 at 1:44

GoogleCodeExporter commented 9 years ago 
To clarify the circumstances where I do not receive such an error, the 
following tests cause no such warning.

// No credentials.
expect()
    .statusLine("HTTP/1.1 401 Authorization Required")
    .header("WWW-Authenticate", "Basic realm=\"myapplication\"")
.when()
    .get("/");

// Malformed credentials.
given()
    .auth()
    .basic("a:bcd", "abcd")
.expect()
    .statusCode(400)
.when()
    .get("/");

// Well-formed and valid credentials.
given()
    .auth()
    .basic("validuser", "validpass")
.expect()
    .statusCode(200)
.when()
    .get("/");

Original comment by jocon...@internode.com.au on 3 Mar 2011 at 1:53

GoogleCodeExporter commented 9 years ago 
I cannot reproduce this, please have a look at the test called 
"supportsExpectingStatusCodeWhenAuthenticationError" here: 
https://github.com/jayway/rest-assured/blob/master/examples/rest-assured-itest-j
ava/src/test/java/com/jayway/restassured/itest/java/JSONGetITest.java

Could there be something wrong with the server authentication setup?

Original comment by johan.ha...@gmail.com on 3 Mar 2011 at 8:46

GoogleCodeExporter commented 9 years ago 
Closing because no input from user.

Original comment by johan.ha...@gmail.com on 23 Mar 2011 at 8:36