[BSERV-3463] Invalid "Authorization" headers for basic auth result in 500 errors

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: 2.4.2
Affects Version/s: 2.3.0
Component/s: None
Labels:
None

Bug Fix Policy:
View Atlassian Server bug fix policy

Parsing for the "Authorization" header is done outside the try/finally block, in StashAuthenticationFilter, but the code may throw a BadCredentialsException if the header is not valid. Since this is outside the exception handling, it results in a 500 error instead of a 401. This is particularly problematic for git hosting operations, which abort after a 500 instead of prompting for credentials like they would on a 401.

Owen made changes - 10/Apr/2019 6:46 AM

Workflow

Original: Stash Workflow - Restricted [ 1446383 ]

New: JAC Bug Workflow v3 [ 3135375 ]

Owen made changes - 07/Jul/2016 4:04 AM

Workflow

Original: Stash Workflow [ 531713 ]

New: Stash Workflow - Restricted [ 1446383 ]

Bryan Turner (Inactive) made changes - 20/May/2013 6:55 AM

Fix Version/s		New: 2.4.2 [ 32792 ]
Resolution		New: Fixed [ 1 ]
Status	Original: To be reviewed [ 10026 ]	New: Closed [ 6 ]

Bryan Turner (Inactive) made changes - 17/May/2013 11:41 AM

Status

Original: In Progress [ 3 ]

New: To be reviewed [ 10026 ]

Bryan Turner (Inactive) made changes - 17/May/2013 10:52 AM

Status

Original: Open [ 1 ]

New: In Progress [ 3 ]

Bryan Turner (Inactive) made changes - 17/May/2013 10:52 AM

Status

Original: Needs Triage [ 10030 ]

New: Open [ 1 ]

Bryan Turner (Inactive) created issue - 17/May/2013 10:52 AM

Assignee:: Bryan Turner (Inactive)

Reporter:: Bryan Turner (Inactive)

Affected customers:: 0 This affects my team

Watchers:: 2 Start watching this issue

Created:: 17/May/2013 10:52 AM

Updated:: 20/May/2013 6:55 AM

Resolved:: 20/May/2013 6:55 AM

Bitbucket Data Center

Details

Description

Attachments

Forms

Activity

People

Dates

Backbone Issue Sync