[auth] log and return 401 when checking mTLS for http writes with una…

…uthenticated reads enabled Access was previously being denied correctly, but we were returning success (200) to the client and not logging an event on the server.
buchgr · Sep 9, 2021 · 90b107c · 90b107c
1 parent a07cdc4
commit 90b107c
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/server/http.go b/server/http.go
@@ -264,6 +264,8 @@ func (h *httpCache) CacheHandler(w http.ResponseWriter, r *http.Request) {
 
 	case http.MethodPut:
 		if h.checkClientCertForWrites && !h.hasValidClientCert(w, r) {
+			http.Error(w, "Authentication required for write access", http.StatusUnauthorized)
+			h.logResponse(http.StatusUnauthorized, r)
 			return
 		}