Project

General

Profile

Actions

Bug #7014

closed

Private downloads don't work when logged in via ORCID/auth token

Added by Chris Jones over 8 years ago. Updated over 8 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Target version:
Start date:
04/22/2016
Due date:
% Done:

0%

Estimated time:
Bugzilla-Id:

Description

When logged in using the `arctic` theme on dev.nceas.ucsb.edu (i.e. via ORCID), the EML download link to the private metadata document that I created fails to download. We get:

<?xml version="1.0" encoding="UTF-8"?><error detailCode="1400" errorCode="401" name="NotAuthorized">
    <description>READ not allowed on arctic-data.11256.1</description>
</error>

An example is:

https://dev.nceas.ucsb.edu/#view/arctic-data.11256.1

The download button links directly to the /object REST endpoint:

https://dev.nceas.ucsb.edu/knb/d1/mn/v2/object/arctic-data.11256.1

My guess is that the `Authorization` header isn't getting set in this direct call, so with no auth token, it's seen as a public download.

Actions

Also available in: Atom PDF