Uploaded image for project: 'Artifactory Binary Repository'
  1. Artifactory Binary Repository
  2. RTFACT-18522

Hide Existence of Unauthorized Resources resulting 401 instead of 404

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Priority: 4 - Normal
    • Resolution: Unresolved
    • Affects Version/s: 6.7.3
    • Fix Version/s: None
    • Component/s: None
    • Labels:
    • Severity:
      Medium

      Description

      Here are the steps to reproduce the issue

      Make sure the repository doesn't have anonymous read permissions

      1. Enable ‘Allow Anonymous Access’ from ‘General Security Configuration

      2. Enable ‘Hide Existence of Unauthorized Resources’ from ‘General Security Configuration’

      ip-10-8-16-47:~ lakshmiprasad$ curl http://<Artifactory_URL>/artifactory/list/libs-release-local

       { "errors" : [

      {     "status" : 404,    "message" : "Resource not found" }

      ]

       

      However, when we add slash '/' at the end it is throwing 401 instead of 404

      ip-10-8-16-47:~ lakshmiprasad$ curl http://<Artifactory_url>/artifactory/list/libs-release-local/

      { "errors" : [

      {     "status" : 401,     "message" : "Unauthorized"}

      ]

       

        Attachments

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            lakshmip Lakshmi Prasad
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:

                Sync Status

                Connection: RTFACT Sync
                RTMID-18522 -
                SYNCHRONIZED
                • Last Sync Date: