diff --git a/registry/auth/silly/access.go b/registry/auth/silly/access.go index 20448efd..134b0ae5 100644 --- a/registry/auth/silly/access.go +++ b/registry/auth/silly/access.go @@ -82,7 +82,7 @@ func (ch *challenge) ServeHTTP(w http.ResponseWriter, r *http.Request) { header = fmt.Sprintf("%s,scope=%q", header, ch.scope) } - w.Header().Set("Authorization", header) + w.Header().Set("WWW-Authenticate", header) w.WriteHeader(http.StatusUnauthorized) } diff --git a/registry/handlers/app_test.go b/registry/handlers/app_test.go index 80f92490..cd515dd0 100644 --- a/registry/handlers/app_test.go +++ b/registry/handlers/app_test.go @@ -188,8 +188,8 @@ func TestNewApp(t *testing.T) { } expectedAuthHeader := "Bearer realm=\"realm-test\",service=\"service-test\"" - if req.Header.Get("Authorization") != expectedAuthHeader { - t.Fatalf("unexpected authorization header: %q != %q", req.Header.Get("Authorization"), expectedAuthHeader) + if e, a := expectedAuthHeader, req.Header.Get("WWW-Authenticate"); e != a { + t.Fatalf("unexpected WWW-Authenticate header: %q != %q", e, a) } var errs v2.Errors