diff --git a/server/auth/types/authentication_type.ts b/server/auth/types/authentication_type.ts
index 14ca8ec27..e58b2a5ce 100755
--- a/server/auth/types/authentication_type.ts
+++ b/server/auth/types/authentication_type.ts
@@ -115,7 +115,10 @@ export abstract class AuthenticationType implements IAuthenticationType {
 let authInfo: any | undefined;
 // Adds a basic auth credentials headers to requests originated as anonymous user
- if (this.config.auth.anonymous_auth_enabled) {
+ if (
+ this.config.auth.anonymous_auth_enabled &&
+ !request.headers.hasOwnProperty('authorization')
+ ) {
 const anonymousAuthHeaders = { authorization: ANONYMOUS_AUTH_HEADER };
 Object.assign(authHeaders, anonymousAuthHeaders);
 }
diff --git a/test/constant.ts b/test/constant.ts
index 713ea05de..7987d5adf 100644
--- a/test/constant.ts
+++ b/test/constant.ts
@@ -13,14 +13,9 @@
 * permissions and limitations under the License.
 */
-import { version, opensearchDashboards } from '../package.json';
-
 export const OPENSEARCH_DASHBOARDS_SERVER_USER: string = 'kibanaserver';
 export const OPENSEARCH_DASHBOARDS_SERVER_PASSWORD: string = 'kibanaserver';
-export const ELASTICSEARCH_VERSION: string = opensearchDashboards.version;
-export const SECURITY_ES_PLUGIN_VERSION: string = version;
-
 export const ADMIN_USER: string = 'admin';
 export const ADMIN_PASSWORD: string = 'admin';
 const ADMIN_USER_PASS: string = `${ADMIN_USER}:${ADMIN_PASSWORD}`;
diff --git a/test/jest_integration/basic_auth.test.ts b/test/jest_integration/basic_auth.test.ts
index b4bbd3e55..9e1e7ae04 100644
--- a/test/jest_integration/basic_auth.test.ts
+++ b/test/jest_integration/basic_auth.test.ts
@@ -27,6 +27,7 @@ import {
 } from '../constant';
 import { getAuthCookie, extractAuthCookie } from '../helper/cookie';
 import wreck from '@hapi/wreck';
+import { ANONYMOUS_AUTH_HEADER } from '../../common';
 describe('start OpenSearch Dashboards server', () => {
 let root: Root;
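Review bot: The new guard in the anonymous-auth branch calls `request.headers.hasOwnProperty('authorization')` directly on the request's header object; `Object.prototype.hasOwnProperty.call(request.headers, 'authorization')` is the form that ESLint's `no-prototype-builtins` expects and does not depend on what the headers object itself exposes. The check is a presence test only, so an empty or malformed `Authorization` value also suppresses the anonymous header; that fails closed, which looks intended but is worth stating. A comment above the `if` would record the security reason for the extra condition, for example `// Never replace a caller-supplied Authorization header with the anonymous credentials`. The enclosing method starts and ends outside the hunk, so how `authHeaders` is applied afterwards is not visible here.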
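Review bot: `ANONYMOUS_AUTH_HEADER` is imported in this hunk, but none of the hunks visible for `basic_auth.test.ts` use it, so either the test that needs it lies outside the visible diff or the import is unused and should be dropped. The later hunks (at lines 226 and 264 of the old file) only exercise requests with the `Authorization` header unset. The case the server change guards, anonymous auth enabled and a request that carries its own `Authorization` header, should have a test asserting that the supplied credentials are not replaced by the anonymous ones. If such a test exists elsewhere in the file, only the unused-import question remains.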
@@ -226,16 +227,11 @@ describe('start OpenSearch Dashboards server', () => {
 .unset(AUTHORIZATION_HEADER_NAME);
 expect(response.status).toEqual(302);
- expect(response.header.location).toEqual('/auth/anonymous?nextUrl=%2Fapp%2Fhome');
+ expect(response.header.location).toEqual('/app/login?nextUrl=%2Fapp%2Fhome');
 const response2 = await osdTestServer.request.get(root, response.header.location);
- expect(response2.status).toEqual(302);
- expect(response2.header.location).toEqual('/app/login?nextUrl=%2Fapp%2Fhome');
-
- const response3 = await osdTestServer.request.get(root, response2.header.location);
-
- expect(response3.status).toEqual(200);
+ expect(response2.status).toEqual(200);
 });
 it('redirect for home follows login for anonymous auth disabled', async () => {
@@ -264,14 +260,10 @@ describe('start OpenSearch Dashboards server', () => {
 .unset(AUTHORIZATION_HEADER_NAME);
 expect(response.status).toEqual(302);
+ expect(response.header.location).toEqual(expectedPath);
 const response2 = await osdTestServer.request.get(root, response.header.location);
- expect(response2.status).toEqual(302);
- expect(response2.header.location).toEqual(expectedPath);
-
- const response3 = await osdTestServer.request.get(root, response2.header.location);
-
- expect(response3.status).toEqual(200);
+ expect(response2.status).toEqual(200);
 });
 });
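Review bot: The expected redirect chain in the hunk at old line 226 loses a hop (`/auth/anonymous?nextUrl=…` is no longer asserted) without a comment saying why, and the hunk at old line 264 has the same shape. Both tests call `.unset(AUTHORIZATION_HEADER_NAME)`, while the server-side condition added in this diff only differs for requests that do carry an `authorization` header, so the reason for the new expectation is not evident from the visible lines. A one-line comment above the first `toEqual` on the location would make the intended flow reviewable, for example `// unauthenticated request is sent straight to the login page; no /auth/anonymous hop`. The title of the first test is outside the hunk, so which anonymous-auth setting it runs under cannot be confirmed from here.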