Forum

401 when login is atempted on a page without login

Marius Dinu
27 September 2016, 10:20
Hello.

I have a web page without login. (AccessList = allow all).
If the browser tries to send a login (https://user:password@example.com), reply is 401. Is this normal / expected to happen?
Thanks.

Request:
GET / HTTP/1.1
User-Agent: Opera/9.80 (Windows NT 5.1) Presto/2.12.388 Version/12.18
Host: logs.example.com
Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/webp, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1
Accept-Language: en-US,en;q=0.9
Accept-Encoding: gzip, deflate
Authorization: Basic dGVzdDp0ZXN0
Cache-Control: no-cache
Connection: Keep-Alive
DNT: 1

Response:
HTTP/1.1 401 Unauthorized
Date: Tue, 27 Sep 2016 08:03:28 GMT
Server: Hiawatha v9.9
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
WWW-Authenticate: Digest realm="Private page", nonce="213DDC8770E93EA141E1", algorithm=MD5
Content-Length: 677
Content-Type: text/html
Hugo Leisink
5 October 2016, 16:51
I can't reproduce this issue. What is the virtual host configuration you are using?
Marius Dinu
7 October 2016, 14:47
Multiple virtual hosts, all with the same basic password file set for some subdirs. If I remember corectly, it only happens if the username:password are wrong. Maybe it checks for valid user/password before checking the access rights?

But put this issue on hold. I have more serious problems. Hiawatha as a service doesn't start in Win2003 64bit, so I can't update. See the other topic.
This topic has been closed.