Community
Participate
Working Groups
HTTP server does not include "WWW-Authenticate" header when an underlying call, e.g. "RepositoryResolver.open", throws "ServiceNotAuthorizedException". This situation violates Section 10.16 of RFC 1945. As a result, Git clients fail to challenge the user to enter their credentials and retry the request. In a test scenario (public-pull private-push), the Git command line (version 2.14.1) fails to ask for username and password when the server returns HTTP status 401.
I updated SmartClientSmartServerTest to catch this bug. As a result `SmartClientSmartServerTest#testPush_NotAuthorized` fails. See: https://github.com/pursultani/jgit/commit/32ecd539 My solution is to add another filter to the chain, i.e. `WWWAuthenticationFilter`, to ensure that the header is included. Also, the realm name can be set by a new init param, "realm-name". See: https://github.com/pursultani/jgit/commit/fb19681f
New Gerrit change created: https://git.eclipse.org/r/117220