When using hawtio plugin and jolokia with no credentials, Hawtio is not returning with 401(Unauthorized) rather it still returns 403 Forbidden even though hawtio.noCredentials401 property is set to true.I have passed 'hawtio.noCredentials401' property via System variable by adding an entry in etc/system.properties.
As per Hawtio documentation it's mentioned that 'hawtio.noCredentials401=true' will cause the browser popup window to prompt for credentails, but it's not happening.
http://hawt.io/configuration/index.html
Environment: JBoss Fuse-AMQ v6.3(Karaf based containers)
Any pointers would be helpful.
It appears that jboss-a-mq-6.3.0 version is not having the fix for hawtio-issue-2005
jboss-a-mq-6.3.0.redhat-187 has hawtio version as 1.4.0.redhat-630187 whereas the fix for 'hawtio.noCredentials401' property availabe from version Hawtio 1.4.54.
If noCredentials401 property is needed in jboss-a-mq-6.3.0 version then org.apache.karaf.features.cfg file needs to be modified to upgrade Hawtio version(modify this with caution)