Change log message from warning to trace on WWW-Authenticate challenge (

opensearch-project#3364) ### Description Change warning message No 'Basic Authorization' header, send 401 and 'WWW-Authenticate Basic' to trace ### Issues Resolved - Resolves opensearch-project#3273 ### Check List - [ ] New functionality includes testing - [ ] New functionality has been documented - [X] Commits are signed per the DCO using --signoff By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. For more information on following Developer Certificate of Origin and signing off your commits, please check [here](https://github.com/opensearch-project/OpenSearch/blob/main/CONTRIBUTING.md#developer-certificate-of-origin). --------- Signed-off-by: Priyank Bagrecha <[email protected]> Co-authored-by: Priyank Bagrecha <[email protected]>
DarshitChanpura · Sep 19, 2023 · a41638b · a41638b
1 parent 5e0ab68
commit a41638b
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/src/main/java/org/opensearch/security/auth/BackendRegistry.java b/src/main/java/org/opensearch/security/auth/BackendRegistry.java
@@ -282,7 +282,9 @@ && isBlocked(((InetSocketAddress) request.getHttpChannel().getRemoteAddress()).g
 
                 if (authDomain.isChallenge() && httpAuthenticator.reRequestAuthentication(channel, null)) {
                     auditLog.logFailedLogin("<NONE>", false, null, request);
-                    log.warn("No 'Authorization' header, send 401 and 'WWW-Authenticate Basic'");
+                    if (isTraceEnabled) {
+                        log.trace("No 'Authorization' header, send 401 and 'WWW-Authenticate Basic'");
+                    }
                     return false;
                 } else {
                     // no reRequest possible