]
Bartosz Spyrko-Śmietanko updated WFLY-10894:
--------------------------------------------
Summary: [WFLY] Tests for enabling constraint drive authentication mode for elytron
(was: [WFLY] enable constraint drive authentication mode for elytron)
[WFLY] Tests for enabling constraint drive authentication mode for
elytron
--------------------------------------------------------------------------
Key: WFLY-10894
URL:
https://issues.jboss.org/browse/WFLY-10894
Project: WildFly
Issue Type: Bug
Components: Security, Web (Undertow)
Reporter: Bartosz Spyrko-Śmietanko
Assignee: Bartosz Spyrko-Śmietanko
Labels: test_included
Integration code for JBEAP-15054
----
When elytron is enabled constraint driven authentication method (i.e.
proactive-authentication=false) has no effect.
If you try to request an unsecured page sending in an invalid user with basic
authentication, you should get the page returned with constraint drive authentication and
a 401 with proactive authentication. This is what happens without Elytron enabled. But
if you enable Elytron it gives a 401 in both cases.