Do not store session cookie when using basic auth headers

elastic · Nov 20, 2018 · d595fd2 · d595fd2
1 parent 5a038ed
commit d595fd2
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/x-pack/plugins/security/server/lib/authentication/providers/basic.js b/x-pack/plugins/security/server/lib/authentication/providers/basic.js
@@ -148,7 +148,7 @@ export class BasicAuthenticationProvider {
 
       this._options.log(['debug', 'security', 'basic'], 'Request has been authenticated via header.');
 
-      return AuthenticationResult.succeeded(user, { authorization });
+      return AuthenticationResult.succeeded(user);
     } catch(err) {
       this._options.log(['debug', 'security', 'basic'], `Failed to authenticate request via header: ${err.message}`);
       return AuthenticationResult.failed(err);