From 54c8e92081c011c633d2f1415191ee0364e1dd88 Mon Sep 17 00:00:00 2001
From: Abhi Kalra <abhivka@amazon.com>
Date: Wed, 14 Dec 2022 16:32:35 +0530
Subject: [PATCH] Changing logging type to give warning for basic auth with no
 creds

Signed-off-by: Abhi Kalra <abhivka@amazon.com>
---
 src/main/java/org/opensearch/security/auth/BackendRegistry.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/org/opensearch/security/auth/BackendRegistry.java b/src/main/java/org/opensearch/security/auth/BackendRegistry.java
index 42dc9ede07..79c63bca33 100644
--- a/src/main/java/org/opensearch/security/auth/BackendRegistry.java
+++ b/src/main/java/org/opensearch/security/auth/BackendRegistry.java
@@ -267,7 +267,7 @@ public boolean authenticate(final RestRequest request, final RestChannel channel
 
                 if(authDomain.isChallenge() && httpAuthenticator.reRequestAuthentication(channel, null)) {
                     auditLog.logFailedLogin("<NONE>", false, null, request);
-                    log.trace("No 'Authorization' header, send 401 and 'WWW-Authenticate Basic'");
+                    log.warn("No 'Authorization' header, send 401 and 'WWW-Authenticate Basic'");
                     return false;
                 } else {
                     //no reRequest possible