Hi,
If I make an un authenticated request to a non existent stream such as:
http://localhost:2113/streams/something/0/forward/20
I get a 404 Not found response
If I make a similar request to a category for example
http://localhost:2113/streams/$ce-Something/0/forward/20
I get a 401 Unauthorized
Is there a reason that this happens.
I am building a Go http client for GetEventStore and it would help me to understand the rationale behind this difference.
Many thanks
By default unauthenticated has read privileges to regular streams
(read set to $all) but not system streams. You can change this default
see "Default ACL" here
http://docs.geteventstore.com/server/3.7.0/access-control-lists/. If
you have something other than $all you will get 401 from all user
space streams as well.
Cheers,
Greg
But on these category streams in default configuration the read permission is set to $all
My goal is to provide the correct information back to the user from the client. eg the stream does not exist but this is made more complicated here because in this particular case the problem is not authentication, the problem is that the stream / projection does not exist.
I feel like it would be good if the eventstore could actually say if the stream existed or not. I appreciate there may be some good reason why not and indeed even not that big a priority in the grand scheme of things but want to share with you that this behaviour was surprising to me as a user of eventstore.
Thanks Greg, have a good day
Hey didn’t mean this to sound like a whine. Its not. Just feedback 