My Oracle Support Banner

HTTP Basic Authentication fails if the authentication header has a value of "basic" instead of "Basic" (Doc ID 2016596.1)

Last updated on FEBRUARY 11, 2019

Applies to:

Oracle Service Bus - Version 11.1.1.7.0 and later
Information in this document applies to any platform.

Symptoms

On : 11.1.1.7.0 version, OSB Build

When Basic authentication is enabled for an OSB Proxy service, if the external system calls the proxy using "basic" keyword instead of "Basic" then authentication fails.

For eg:
If the HTTP header comes with value as below it succeeds:

Authorization: Basic d2VibG9naWM6d2VsY29tZTE=


but if the HTTP Header comes with value as below it fails:

Authorization: basic d2VibG9naWM6d2VsY29tZTE=



  

Error 401--Unauthorized

From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:

10.4.2 401 Unauthorized

The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity MAY include relevant diagnostic information. HTTP access authentication is explained in section 11.

 

 



Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
 Error 401--Unauthorized
 From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
 10.4.2 401 Unauthorized
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.