Missing WWW-Authenticate field in response header

Hello people!

While trying to go to Cockpit page of a started process instance through the Camunda Modeler I realized if the server has a configured authentication (HTTP Basic in this case), the Cockpit response is 401 with a missing WWW-Authenticate field in the response headers, so the browser is not showing any Username/Password entry dialog. See the GIF:

What should happen (IMO)?

The browser should open a dialog for username/password entry. This happens when I try to go to http://localhost:8080/engine-rest in my browser:

Screenshot 2020-03-19 at 10.59.252780×1068 180 KB

Why this happens?
After investigating the Response headers, it seems like the response for Cockpit start instance is lacking WWW-Authenticate field. This is the response header for /engine-rest:

Screenshot 2020-03-19 at 11.10.371142×290 27.2 KB

and this is the response header for the Cockpit URL:

Screenshot 2020-03-19 at 11.11.021206×188 15.8 KB

Should this be fixed? Or is this even a bug (maybe a feature )

Best,

Oguz

For some strange reason I cannot reproduce this issue anymore, might be browser/caching related.

I’m closing the issue.