Removed API authentication scheme from www-authenticate header.
Change-Id: Ia1a5004ff63d06f92307f16483af03b2ad2fc59e
diff --git a/core/Changes b/core/Changes
index 04ac2a9..71d464d 100644
--- a/core/Changes
+++ b/core/Changes
@@ -2,6 +2,7 @@
- Added data folder containing super_client_info and database
for mounting into docker
+- Removed the API authentication scheme from www-authenticate header
# version 0.69.4
diff --git a/core/src/main/java/de/ids_mannheim/korap/constant/AuthenticationScheme.java b/core/src/main/java/de/ids_mannheim/korap/constant/AuthenticationScheme.java
index 3db6a3e..543b3fd 100644
--- a/core/src/main/java/de/ids_mannheim/korap/constant/AuthenticationScheme.java
+++ b/core/src/main/java/de/ids_mannheim/korap/constant/AuthenticationScheme.java
@@ -13,6 +13,7 @@
BASIC, BEARER,
// custom
// SESSION, has not been supported yet
+ @Deprecated
API;
public String displayName () {
diff --git a/core/src/main/java/de/ids_mannheim/korap/web/KustvaktResponseHandler.java b/core/src/main/java/de/ids_mannheim/korap/web/KustvaktResponseHandler.java
index bce194c..8a7e2f3 100644
--- a/core/src/main/java/de/ids_mannheim/korap/web/KustvaktResponseHandler.java
+++ b/core/src/main/java/de/ids_mannheim/korap/web/KustvaktResponseHandler.java
@@ -57,8 +57,11 @@
public Response createUnauthenticatedResponse (String notification) {
ResponseBuilder builder = Response.status(Response.Status.UNAUTHORIZED);
- for (AuthenticationScheme s : EnumSet
- .allOf(AuthenticationScheme.class)) {
+ EnumSet<AuthenticationScheme> schemes = EnumSet
+ .allOf(AuthenticationScheme.class);
+ schemes.remove(AuthenticationScheme.API);
+
+ for (AuthenticationScheme s : schemes) {
builder = builder.header(HttpHeaders.WWW_AUTHENTICATE,
s.displayName() + " realm=\"Kustvakt\"");
}
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java
index 7bb8ee6..26583de 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java
@@ -1,6 +1,7 @@
package de.ids_mannheim.korap.web.controller;
import static org.hamcrest.CoreMatchers.hasItem;
+import static org.hamcrest.CoreMatchers.not;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
@@ -50,8 +51,9 @@
response.getHeaders().entrySet();
for (Entry<String, List<Object>> header : headers) {
+ System.out.println(header.toString());
if (header.getKey().equals(ContainerRequest.WWW_AUTHENTICATE)) {
- assertThat(header.getValue(), hasItem("Api realm=\"Kustvakt\""));
+ assertThat(header.getValue(), not(hasItem("Api realm=\"Kustvakt\"")));
assertThat(header.getValue(), hasItem("Bearer realm=\"Kustvakt\""));
assertThat(header.getValue(), hasItem("Basic realm=\"Kustvakt\""));
}