When using any authentication method apart from basic auth causes that Jira returns 302 code and redirects to login page instead of returning 404 even though authentication could be successful.

XMLWordPrintable

    • Type: Bug
    • Resolution: Unresolved
    • Priority: Medium
    • None
    • Affects Version/s: 10.3.12, 11.1.0, 11.0.1
    • Component/s: Login, REST API
    • None
    • 10.03
    • 1
    • Severity 2 - Major

      Issue Summary

      When customer make an HTTP call to not existing resource Jira is returning 302 redirect HTTP code, despite user has valid logging credentials.

      Steps to Reproduce

      1. Use any http tool to make http calls.
      2. Make a request using Basic Auth to non existing resource e.g. `http://localhost:2990/jira/rest/apsssdfsa/2/issue/DAJ-1`
      3. Observe that Jira return `404` http code
      4. Switch to any other authentication(easiest option is to generate access token for Jira account and use it as Bearer Token)
      5. Make a request using new auth option to same resource as in the step 2: `http://localhost:2990/jira/rest/apsssdfsa/2/issue/DAJ-1`

      Expected Results

      404 HTTP code

      Actual Results

      302 HTTP redirect code to login page despite being able to authenticate user

      Workaround

      Currently there is no known workaround for this behaviour. A workaround will be added here when available

            Assignee:
            Unassigned
            Reporter:
            Stasiu
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated: