Bug 1374797

Summary: SwitchYard HTTP Basic Auth is case-sensitive, in violation of rfc2617
Product: [JBoss] JBoss Fuse Service Works 6 Reporter: Rick Wagner <rwagner>
Component: SwitchYardAssignee: Rob Cernich <rcernich>
Status: CLOSED WONTFIX QA Contact: Matej Melko <mmelko>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.0.0 GACC: soa-p-jira
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2016-09-09 16:28:37 UTC Type: Support Patch
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Rick Wagner 2016-09-09 16:25:11 UTC 
rfc2617 [1] specifically states that the 'Basic' token should be case-insensitive, but SwitchYard is rejecting requests that use 'BASIC' instead of 'Basic'.

This is causing a compatibility issue for a customer that relies upon the behavior previously noted with SOA-P. (Case insensitive, per the spec.)

--------------------
1.2 Access Authentication Framework

HTTP provides a simple challenge-response authentication mechanism
that MAY be used by a server to challenge a client request and by a
client to provide authentication information. It uses an extensible,
case-insensitive token to identify the authentication scheme.......
-------------------------

[1] https://www.ietf.org/rfc/rfc2617.txt