Uploaded image for project: 'StoRM'
  1. StoRM
  2. STOR-346

WebDAV DELETE response is 401 UNAUTHORIZED instead of 404 NOT EXISTS for authorized users on nonexistent resources

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 1.11.2
    • 1.11.7
    • gridhttps-server
    • Security Level: Public (Visbile by non-authn users.)
    • None

    Description

      Example:

      [vianello@omii006-vm02 ~]$ curl --cert $X509_USER_PROXY --cacert $HOME/.globus/usercert.pem --capath /etc/grid-security/certificates --verbose -X DELETE https://omii005-vm03.cnaf.infn.it:8443/dteam/sdjlakjsdljdalks
      * About to connect() to omii005-vm03.cnaf.infn.it port 8443
      *   Trying 131.154.100.20... connected
      * Connected to omii005-vm03.cnaf.infn.it (131.154.100.20) port 8443
      * successfully set certificate verify locations:
      *   CAfile: /home/vianello/.globus/usercert.pem
        CApath: /etc/grid-security/certificates
      * SSLv2, Client hello (1):
      SSLv3, TLS handshake, Server hello (2):
      SSLv3, TLS handshake, CERT (11):
      SSLv3, TLS handshake, Server key exchange (12):
      SSLv3, TLS handshake, Request CERT (13):
      SSLv3, TLS handshake, Server finished (14):
      SSLv3, TLS handshake, CERT (11):
      SSLv3, TLS handshake, Client key exchange (16):
      SSLv3, TLS handshake, CERT verify (15):
      SSLv3, TLS change cipher, Client hello (1):
      SSLv3, TLS handshake, Finished (20):
      SSLv3, TLS change cipher, Client hello (1):
      SSLv3, TLS handshake, Finished (20):
      SSL connection using DHE-RSA-AES256-SHA
      * Server certificate:
      * 	 subject: /C=IT/O=INFN/OU=Host/L=CNAF/CN=omii005-vm03.cnaf.infn.it
      * 	 start date: 2013-06-18 13:13:41 GMT
      * 	 expire date: 2014-06-18 13:13:41 GMT
      * 	 subjectAltName: omii005-vm03.cnaf.infn.it matched
      * 	 issuer: /C=IT/O=INFN/CN=INFN CA
      * SSL certificate verify ok.
      > DELETE /dteam/sdjlakjsdljdalks HTTP/1.1
      > User-Agent: curl/7.15.5 (x86_64-redhat-linux-gnu) libcurl/7.15.5 OpenSSL/0.9.8b zlib/1.2.3 libidn/0.6.5
      > Host: omii005-vm03.cnaf.infn.it:8443
      > Accept: */*
      > 
      < HTTP/1.1 401 Unauthorized
      < WWW-Authenticate: Digest realm="milton", qop="auth", nonce="ODliYTljYTItZDNhYi00OTE2LTllMjctOTg4MDg3ZDExMGYy"
      < Transfer-Encoding: chunked
      * Connection #0 to host omii005-vm03.cnaf.infn.it left intact
      * Closing connection #0
      * SSLv3, TLS alert, Client hello (1):
      

      Attachments

        Issue Links

          Activity

            People

              vianello Enrico Vianello
              vianello Enrico Vianello
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: