Two 401 responses for every Git opperation

Still need help?

The Atlassian Community is here for you.

Ask the community

Platform notice: Server and Data Center only. This article only applies to Atlassian products on the server and data center platforms.

Summary

Git operations have 3 entries in the access logs. Two 401 unauthorized responses that appear to be bad credentials, then finally an accepted 200 response.

127.0.0.1 | https | i*GVIXKXx475x1414694x1 | - | 2017-09-26 07:55:34,325 | "GET /scm/exp/example.git/info/refs HTTP/1.1" | "" "git/1.8.3.msysgit.0" | - | - | - | - | - | - |
127.0.0.1 | https | o*GVIXKXx475x1414694x1 | - | 2017-09-26 07:55:34,329 | "GET /scm/exp/example.git/info/refs HTTP/1.1" | "" "git/1.8.3.msysgit.0" | 401 | 0 | 0 | - | 4 | - |
127.0.0.1 | https | i*GVIXKXx475x1414695x1 | - | 2017-09-26 07:55:34,332 | "GET /scm/exp/example.git/info/refs HTTP/1.1" | "" "git/1.8.3.msysgit.0" | - | - | - | - | - | - |
127.0.0.1 | https | o*GVIXKXx475x1414695x1 | - | 2017-09-26 07:55:34,333 | "GET /scm/exp/example.git/info/refs HTTP/1.1" | "" "git/1.8.3.msysgit.0" | 401 | 0 | 0 | - | 0 | - |
127.0.0.1 | https | i*GVIXKXx475x1414696x1 | - | 2017-09-26 07:55:34,407 | "GET /scm/exp/example.git/info/refs HTTP/1.1" | "" "git/1.8.3.msysgit.0" | - | - | - | - | - | - |
127.0.0.1 | https | o*GVIXKXx475x1414696x1 | afl8fe | 2017-09-26 07:55:34,708 | "GET /scm/exp/example.git/info/refs HTTP/1.1" | "" "git/1.8.3.msysgit.0" | 200 | 0 | 2615 | refs | 301 | - |

Environment

 Bitbucket Server/DC

Cause

 The bad credentials messages are normal and should be expected for every Git operation performed over HTTP protocol (this includes HTTP and HTTPS).

Git will never send a password over HTTP unless it receives a 401 status from the server explicitly asking for the password. What this means is that on the first attempt to connect to a remote repository over http(s) Git will send only the username but not the password. When Bitbucket Server intercepts this request and can't proceed because a username and password are required, it returns the HTTP status of 401 to Git. Git receives this response, and then re-sends the request using the username and password that were provided. This dance between git and Bitbucket Server is usually handled in a couple of milliseconds.

Solution

There's no solution to hide or prevent these entries in the logs. The access logs are an accurate reflection of this GIT process and we don't have any means to remove these messages with the built-in functionality.

A possible workaround would be to use SSH to access GIT repos instead of HTTP since will reduce the 401 errors entries in the logs.

Last modified on Jul 19, 2021

Was this helpful?

Yes
No
Provide feedback about this article
Powered by Confluence and Scroll Viewport.