Request for BearerAuthenticationProvider not to add a blank token to the Authorization header, as doing so will never satisfy any real authorization requirement, and may cause a request failure when multiple Authorization headers are sent due to multiple (optional) security schemes are defined on an endpoint.
This change could be extended to the other AuthProviders, but I have not been using those.
Request for
BearerAuthenticationProvider
not to add a blank token to theAuthorization
header, as doing so will never satisfy any real authorization requirement, and may cause a request failure when multipleAuthorization
headers are sent due to multiple (optional)security
schemes are defined on an endpoint.This change could be extended to the other
AuthProvider
s, but I have not been using those.Fixes: #589