Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Basic authentication scheme is not case-insensitive #7163

Closed
eleftherias opened this issue Jul 29, 2019 · 0 comments
Closed

Basic authentication scheme is not case-insensitive #7163

eleftherias opened this issue Jul 29, 2019 · 0 comments
Assignees
@eleftherias
Labels
in: web An issue in web modules (web, webmvc) type: bug A general bug
Milestone
5.2.0.M4

Comments

@eleftherias
Copy link
Contributor

Actual Behavior

When http basic authentication is enabled and the Authorization header is prefixed with "BASIC" or "BaSiC" and contains a valid token, then the service responds with a 401 Unauthorized status.

Expected Behavior

When http basic authentication is enabled and the Authorization header is prefixed with "BASIC" or "BaSiC" and contains a valid token, then the service responds with a 200 OK status.
@eleftherias eleftherias added in: web An issue in web modules (web, webmvc) type: bug A general bug labels Jul 29, 2019
@eleftherias eleftherias added this to the 5.2.0.M4 milestone Jul 29, 2019
@eleftherias eleftherias self-assigned this Jul 29, 2019
kostya05983 pushed a commit to kostya05983/spring-security that referenced this issue Aug 26, 2019
@eleftherias @kostya05983
Make basic authentication scheme case-insensitive
850aa39 
Fixes: spring-projectsgh-7163
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@eleftherias eleftherias

Labels
in: web An issue in web modules (web, webmvc) type: bug A general bug
Projects
None yet
Milestone
5.2.0.M4
Development

No branches or pull requests
1 participant
@eleftherias