Jetty
  1. Jetty
  2. JETTY-732

Case Sensitive Basic Authentication Response Header Implementations

    Details

    • Type: Bug Bug
    • Status: Resolved Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 7.0.0pre4, 6.1.12.rc3, 6.1.12
    • Component/s: None
    • Labels:
      None
    • Patch Submitted:
      Yes
    • Number of attachments :
      1

      Description

      Although the HTTP Authentication: Basic and Digest Access Authentication RFC states that the http headers should use "an extensible,
      case-insensitive token to identify the authentication scheme" libraries like acegi security require the response header to be case sensitive. ie "Basic" not "basic"

        Activity

        No work has yet been logged on this issue.

          People

          • Assignee:
            David Yu
            Reporter:
            Markus Kobler
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: