Removed API authentication scheme from www-authenticate header.

Change-Id: Ia1a5004ff63d06f92307f16483af03b2ad2fc59e
diff --git a/core/Changes b/core/Changes
index 04ac2a9..71d464d 100644
--- a/core/Changes
+++ b/core/Changes
@@ -2,6 +2,7 @@
 
 - Added data folder containing super_client_info and database 
   for mounting into docker
+- Removed the API authentication scheme from www-authenticate header  
   
 # version 0.69.4
 
diff --git a/core/src/main/java/de/ids_mannheim/korap/constant/AuthenticationScheme.java b/core/src/main/java/de/ids_mannheim/korap/constant/AuthenticationScheme.java
index 3db6a3e..543b3fd 100644
--- a/core/src/main/java/de/ids_mannheim/korap/constant/AuthenticationScheme.java
+++ b/core/src/main/java/de/ids_mannheim/korap/constant/AuthenticationScheme.java
@@ -13,6 +13,7 @@
     BASIC, BEARER,
     // custom
     // SESSION, has not been supported yet 
+    @Deprecated
     API;
 
     public String displayName () {
diff --git a/core/src/main/java/de/ids_mannheim/korap/web/KustvaktResponseHandler.java b/core/src/main/java/de/ids_mannheim/korap/web/KustvaktResponseHandler.java
index bce194c..8a7e2f3 100644
--- a/core/src/main/java/de/ids_mannheim/korap/web/KustvaktResponseHandler.java
+++ b/core/src/main/java/de/ids_mannheim/korap/web/KustvaktResponseHandler.java
@@ -57,8 +57,11 @@
     public Response createUnauthenticatedResponse (String notification) {
         ResponseBuilder builder = Response.status(Response.Status.UNAUTHORIZED);
 
-        for (AuthenticationScheme s : EnumSet
-                .allOf(AuthenticationScheme.class)) {
+        EnumSet<AuthenticationScheme> schemes = EnumSet
+                .allOf(AuthenticationScheme.class);
+        schemes.remove(AuthenticationScheme.API);
+        
+        for (AuthenticationScheme s : schemes) {
             builder = builder.header(HttpHeaders.WWW_AUTHENTICATE,
                     s.displayName() + " realm=\"Kustvakt\"");
         }
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java
index 7bb8ee6..26583de 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/VirtualCorpusControllerTest.java
@@ -1,6 +1,7 @@
 package de.ids_mannheim.korap.web.controller;
 
 import static org.hamcrest.CoreMatchers.hasItem;
+import static org.hamcrest.CoreMatchers.not;
 import static org.hamcrest.MatcherAssert.assertThat;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertTrue;
@@ -50,8 +51,9 @@
                 response.getHeaders().entrySet();
 
         for (Entry<String, List<Object>> header : headers) {
+            System.out.println(header.toString());
             if (header.getKey().equals(ContainerRequest.WWW_AUTHENTICATE)) {
-                assertThat(header.getValue(), hasItem("Api realm=\"Kustvakt\""));
+                assertThat(header.getValue(), not(hasItem("Api realm=\"Kustvakt\"")));
                 assertThat(header.getValue(), hasItem("Bearer realm=\"Kustvakt\""));
                 assertThat(header.getValue(), hasItem("Basic realm=\"Kustvakt\""));
             }