[
https://issues.jboss.org/browse/AS7-4769?page=com.atlassian.jira.plugin.s...
]
Darran Lofthouse updated AS7-4769:
----------------------------------
Description:
For AS 7.1.0 we secured the server by default. To make getting started easier, we added an
automatic redirect on the HTTP interface if a user attempts to connect but no users have
been defined; currently this redirect is on both /console and /management.
We need to remove the redirect on /management, as utilities connecting to this context may
not be web browsers with an ability to do anything about the redirect.
Instead, consider an HTTP 403 with a DMR response indicating no users have been defined. The
error message could even contain the URL of the error page, allowing users to move from the
tool to their web browser to see the page we provide.
was:
For AS 7.1.0 we secured the server by default. To make getting started easier, we added an
automatic redirect on the HTTP interface if a user attempts to connect but no users have
been defined; currently this redirect is on both /console and /management.
We need to remove the redirect on /management, as utilities connecting to this context may
not be web browsers with an ability to do anything about the redirect.
Instead, consider an HTTP 503 with a DMR response indicating no users have been defined. The
error message could even contain the URL of the error page, allowing users to move from the
tool to their web browser to see the page we provide.
HTTP 403 may be more appropriate as it does indicate authentication will not be sufficient
to make the request succeed - we know it will not succeed as there are no users defined in
the realm.
Remove no users redirect from /management context
-------------------------------------------------
Key: AS7-4769
URL: https://issues.jboss.org/browse/AS7-4769
Project: Application Server 7
Issue Type: Task
Components: Domain Management, Security
Reporter: Darran Lofthouse
Assignee: Darran Lofthouse
Fix For: 7.1.3.Final (EAP), 7.2.0.Alpha1