HTTPS Using User ID and Password Authentication


I am using the standard pub.client:http with user id and password authentication on the server I am sending to. I am using the put method. I am able to successfully send files to the server and receive back status 200.

The problem is when I try to send something and use the WRONG password; I still receive a status 200.

Should I not receive a different status code?



“401” is the appropriate HTTP status code that should be sent back from the HTTP server in the case of an authorization error.

Possible reasons for the behavious you are observing (that I can think of)
a) The HTTP server is not in total compliance with HTTP 1.1
b) The URL that you are invoking does not need an authentication

Perform a “bytesToString” operation on the response->body->bytes after pub.client:http and check the response message being sent back. That may give you some additional information.

Uday Yallapragada.

Yes Natasha - you should get a 401 Unauthorized response. Uday gave you some good ideas. However, IIRC HTTP Basic Authentication was in HTTP 1.0 itself (see [url=“Hypertext Transfer Protocol -- HTTP/1.0”]Hypertext Transfer Protocol -- HTTP/1.0 ). So its OK for the remote server to be a HTTP 1.0 server. IIRC, IS 4.6 itself is also only HTTP 1.0 compliant.

Also, under ‘Settings > Proxy’ check if your IS is going through a proxy server for outbound connections - that may be setup incorrectly.


Try running the test with the wrong password after a server restart. I had seen these kind of problems due to caching issues