HTTP authentication should be enabled only when id/pw is given

[leeopop]

When a server allows anonymous read, authentication should not be used.

In my case,

curl https://$JOB_LOCATION/api/json # This succeeds
curl https://$JOB_LOCATION/api/json --basic -u anonymous # This fails

[alefragnani]

Hi @leeopop ,

First of all, sorry for taking so long to answer you. I had to take a break on my projects in the recent weeks.

About your request, it's weird to think that anonymous read is working different from no authentication, complaining about empty values for user and password. I'm not using Jenkins as much as before, but I think I could test this scenario in some of my jobs.

Thanks for suggestion, and for your PR 👍

[leeopop]

The error message says that this error is generated by Jetty that Jenkins relies on.

<html>
<head>
<meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
<title>Error 401 Invalid password/token for user: anonymous</title>
</head>
<body><h2>HTTP ERROR 401</h2>
<p>Problem accessing /job/ANLAB-KAIST/job/jenkins_build_test/job/master/api/json. Reason:
<pre>    Invalid password/token for user: anonymous</pre></p><hr><a href="http://eclipse.org/jetty">Powered by Jetty:// 9.4.z-SNAPSHOT</a><hr/>

</body>
</html>

One alternative solution to this problem is to fix Jetty and change its configuration. However, I think it would be better to be supported by this plugin to help Jenkins beginners with default Jenkins configuration.