Don't set the Status header - it is set automatically by the FastCGI code

and this manually set one conflicts with that and causes a 200 response
in rails 2.3.2 it seems.

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index d7debcb6d43ffb7e40c48e29f352fff930da9198..0d6cdea6424fea77b93e32e047796546008a1637 100644 (file)
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -45,7 +45,6 @@ class ApplicationController < ActionController::Base
     # handle authenticate pass/fail
     unless @user
       # no auth, the user does not exist or the password was wrong
-      response.headers["Status"] = "Unauthorized" 
       response.headers["WWW-Authenticate"] = "Basic realm=\"#{realm}\"" 
       render :text => errormessage, :status => :unauthorized
       return false