From 6121e10adfe0095247852565d860d99590be213e Mon Sep 17 00:00:00 2001
From: John Christopher Anderson <jchris@apache.org>
Date: Sun, 25 Jul 2010 17:01:37 +0000
Subject: send a basic-auth popup header if require_valid_user=true, to prevent
 lock-out

git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@979070 13f79535-47bb-0310-9956-ffa450edef68
---
 src/couchdb/couch_httpd.erl | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/couchdb/couch_httpd.erl b/src/couchdb/couch_httpd.erl
index faf14bcc..b531d3d6 100644
--- a/src/couchdb/couch_httpd.erl
+++ b/src/couchdb/couch_httpd.erl
@@ -750,7 +750,8 @@ error_headers(#httpd{mochi_req=MochiReq}=Req, Code, ErrorStr, ReasonStr) ->
                     AuthRedirect ->
                         case couch_config:get("couch_httpd_auth", "require_valid_user", "false") of
                         "true" ->
-                            {Code, []};
+                            % send the browser popup header no matter what if we are require_valid_user
+                            {Code, [{"WWW-Authenticate", "Basic realm=\"server\""}]};
                         _False ->
                             % if the accept header matches html, then do the redirect. else proceed as usual.
                             case re:run(MochiReq:get_header_value("Accept"), "html", [{capture, none}]) of
-- 
cgit v1.2.3