Raise 401 for invalid credentials Change-Id: Ie41b568aa45b1f09b0940e5ee1b3472a46b08db1 Resolves: openbmc/phosphor-rest-server#25 Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>

commit: dc3fbfa7d1861a4bb65fb284228a6ea155ba37a5 [log] [tgz]
author: Brad Bishop <bradleyb@fuzziesquirrel.com> Thu Sep 08 09:51:38 2016 -0400
committer: Brad Bishop <bradleyb@fuzziesquirrel.com> Thu Sep 08 11:44:55 2016 -0400
tree: 9018d39d29f15041b88d413eed2b8a76d7a2326c
parent: 7bc6d8d39daebe3529c4c31a8caa0288dfb0ecd5 [diff] [blame]
diff --git a/module/obmc/wsgi/apps/rest_dbus.py b/module/obmc/wsgi/apps/rest_dbus.py
index 246396c..fa4037f 100644
--- a/module/obmc/wsgi/apps/rest_dbus.py
+++ b/module/obmc/wsgi/apps/rest_dbus.py

@@ -41,7 +41,7 @@
     ''' Authorization plugin callback that checks
     that the user is logged in. '''
     if session is None:
-        abort(403, 'Login required')
+        abort(401, 'Login required')
 
 
 class UserInGroup:
@@ -479,7 +479,7 @@
             abort(400, self.bad_json_str % (request.json))
 
         if not self.authenticate(*request.parameter_list):
-            return self.bad_passwd_str
+            abort(401, self.bad_passwd_str)
 
         user = request.parameter_list[0]
         session = self.new_session()
commit	dc3fbfa7d1861a4bb65fb284228a6ea155ba37a5	[log] [tgz]
author	Brad Bishop <bradleyb@fuzziesquirrel.com>	Thu Sep 08 09:51:38 2016 -0400
committer	Brad Bishop <bradleyb@fuzziesquirrel.com>	Thu Sep 08 11:44:55 2016 -0400
tree	9018d39d29f15041b88d413eed2b8a76d7a2326c
parent	7bc6d8d39daebe3529c4c31a8caa0288dfb0ecd5 [diff] [blame]