Uploaded image for project: 'Artifactory Binary Repository'
  1. Artifactory Binary Repository
  2. RTFACT-18522

Hide Existence of Unauthorized Resources resulting 401 instead of 404

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Open
    • Resolution: Unresolved
    • Affects Version/s: 6.7.3
    • Fix Version/s: None
    • Component/s: None
    • Labels:
    • Severity:
      Medium

      Description

      Here are the steps to reproduce the issue

      Make sure the repository doesn't have anonymous read permissions

      1. Enable ‘Allow Anonymous Access’ from ‘General Security Configuration

      2. Enable ‘Hide Existence of Unauthorized Resources’ from ‘General Security Configuration’

      ip-10-8-16-47:~ lakshmiprasad$ curl http://<Artifactory_URL>/artifactory/list/libs-release-local

       { "errors" : [

      {     "status" : 404,    "message" : "Resource not found" }

      ]

       

      However, when we add slash '/' at the end it is throwing 401 instead of 404

      ip-10-8-16-47:~ lakshmiprasad$ curl http://<Artifactory_url>/artifactory/list/libs-release-local/

      { "errors" : [

      {     "status" : 401,     "message" : "Unauthorized"}

      ]

       

        Attachments

          Activity

              People

              Assignee:
              Unassigned
              Reporter:
              lakshmip Lakshmi Prasad
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Dates

                Created:
                Updated:

                  Sync Status

                  Connection: RTFACT Sync
                  RTMID-18522 -
                  SYNCHRONIZED
                  • Last Sync Date: