From 0f169a968d62818290282681caa2bd818e161d1c Mon Sep 17 00:00:00 2001
From: Abhi Kalra <99718513+abhivka7@users.noreply.github.com>
Date: Wed, 21 Dec 2022 19:46:17 +0530
Subject: [PATCH] Changing logging type to give warning for basic auth with no
 creds (#2347)

Signed-off-by: Abhi Kalra <abhivka@amazon.com>
(cherry picked from commit a0a71da6995941baed1ec7c6bf83226591ba9b90)
---
 src/main/java/org/opensearch/security/auth/BackendRegistry.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/org/opensearch/security/auth/BackendRegistry.java b/src/main/java/org/opensearch/security/auth/BackendRegistry.java
index 42dc9ede07..79c63bca33 100644
--- a/src/main/java/org/opensearch/security/auth/BackendRegistry.java
+++ b/src/main/java/org/opensearch/security/auth/BackendRegistry.java
@@ -267,7 +267,7 @@ public boolean authenticate(final RestRequest request, final RestChannel channel
 
                 if(authDomain.isChallenge() && httpAuthenticator.reRequestAuthentication(channel, null)) {
                     auditLog.logFailedLogin("<NONE>", false, null, request);
-                    log.trace("No 'Authorization' header, send 401 and 'WWW-Authenticate Basic'");
+                    log.warn("No 'Authorization' header, send 401 and 'WWW-Authenticate Basic'");
                     return false;
                 } else {
                     //no reRequest possible