From a7d2b649d5d6948067d2cd40f41afb961851290c Mon Sep 17 00:00:00 2001
From: David Goetz <dpgoetz@gmail.com>
Date: Tue, 13 Mar 2012 12:01:28 -0700
Subject: [PATCH] set denied resp on requests to '/' in tempauth

Change-Id: If2e319561b3d41e09310228792356f38b7958416
---
 swift/common/middleware/tempauth.py          | 2 +-
 test/unit/common/middleware/test_tempauth.py | 6 ++++--
 2 files changed, 5 insertions(+), 3 deletions(-)

diff --git a/swift/common/middleware/tempauth.py b/swift/common/middleware/tempauth.py
index 08f8e31444..1fdfd91a7a 100644
--- a/swift/common/middleware/tempauth.py
+++ b/swift/common/middleware/tempauth.py
@@ -158,7 +158,7 @@ class TempAuth(object):
                     version, rest = split_path(env.get('PATH_INFO', ''),
                                                1, 2, True)
                 except ValueError:
-                    return HTTPNotFound()(env, start_response)
+                    version, rest = None, None
                 if rest and rest.startswith(self.reseller_prefix):
                     # Handle anonymous access to accounts I'm the definitive
                     # auth for.
diff --git a/test/unit/common/middleware/test_tempauth.py b/test/unit/common/middleware/test_tempauth.py
index ee706c1344..27a2279316 100644
--- a/test/unit/common/middleware/test_tempauth.py
+++ b/test/unit/common/middleware/test_tempauth.py
@@ -139,9 +139,11 @@ class TestAuth(unittest.TestCase):
         ath = auth.filter_factory({'auth_prefix': 'test'})(app)
         self.assertEquals(ath.auth_prefix, '/test/')
 
-    def test_top_level_ignore(self):
+    def test_top_level_deny(self):
         resp = self._make_request('/').get_response(self.test_auth)
-        self.assertEquals(resp.status_int, 404)
+        self.assertEquals(resp.status_int, 401)
+        self.assertEquals(resp.environ['swift.authorize'],
+                          self.test_auth.denied_response)
 
     def test_anon(self):
         resp = \