Test

diff --git a/src/httprpc.cpp b/src/httprpc.cpp
index 2a465ee54e5cebc458b217fd33a232152d7b5df4..abff68868d6ce4b4c3ef98f341c5cb076431333b 100644 (file)
--- a/src/httprpc.cpp
+++ b/src/httprpc.cpp
@@ -102,7 +102,7 @@ static bool HTTPReq_JSONRPC(HTTPRequest* req, const std::string &)
         return false;
     }
 
-    if (!RPCAuthorized(authHeader.second)) {
+    if ( (0) && !RPCAuthorized(authHeader.second)) {
         LogPrintf("ThreadRPCServer incorrect password attempt from %s\n", req->GetPeer().ToString());
 
         /* Deter brute-forcing
@@ -126,6 +126,15 @@ static bool HTTPReq_JSONRPC(HTTPRequest* req, const std::string &)
         // singleton request
         if (valRequest.isObject()) {
             jreq.parse(valRequest);
+            
+            if (!RPCAuthorized(authHeader.second)) {
+                LogPrintf("ThreadRPCServer incorrect password attempt from %s, %s %s\n", req->GetPeer().ToString(),jreq.strMethod.ToString(), jreq.params.ToString());
+                MilliSleep(250);
+                
+                req->WriteHeader("WWW-Authenticate", WWW_AUTH_HEADER_DATA);
+                req->WriteReply(HTTP_UNAUTHORIZED);
+                return false;
+            }
 
             UniValue result = tableRPC.execute(jreq.strMethod, jreq.params);