Nexus 3.6 Docker registry, curl of /v2/ endpoint returns UNAUTHORIZED error, but /v2/_catalog works

[Danny Kulchinsky]

Hello!

I've encountered a peculiar situation, we have Nexus 3.6 with a Docker repo and anonymous pull configured.

Everything seems to work as expected, but we've noticed the following:

$ curl -v -X GET <nexus>:8083/v2/

< HTTP/1.1 401 Unauthorized

< Date: Thu, 26 Oct 2017 16:38:19 GMT

* Server Nexus/3.6.0-02 (OSS) is not blacklisted

< Server: Nexus/3.6.0-02 (OSS)

< X-Frame-Options: SAMEORIGIN

< X-Content-Type-Options: nosniff

< Docker-Distribution-Api-Version: registry/2.0

< WWW-Authenticate: Bearer realm="http://<nexus>:8083/v2/token",service="http://<nexus>:8083/token"

< Content-Type: application/json

< Content-Length: 113

<

* Connection #0 to host <nexus> left intact

{"errors":[{"code":"UNAUTHORIZED","message":"access to the requested resource is not authorized","detail":null}]}

However

$ curl -v -X GET <nexus>:8083/v2/_catalog

Returns 200 OK and the full catalog of the repositories.

I assume that /v2/ endpoint is handled differently? as it responds with "WWW-Authenticate" header but why /v2/_catalog doesn't do the same?

We would like to use the /v2/ endpoint for healthcheck of the repo connector port, so I guess we'd need to perform authentication?

Any suggestions?

Regards,

Danny