diff --git a/lib/metasploit/framework/login_scanner/glassfish.rb b/lib/metasploit/framework/login_scanner/glassfish.rb
index 32fb963f43..5b925fc5b2 100644
--- a/lib/metasploit/framework/login_scanner/glassfish.rb
+++ b/lib/metasploit/framework/login_scanner/glassfish.rb
@@ -12,7 +12,7 @@ module Metasploit
         DEFAULT_PORT  = 4848
         PRIVATE_TYPES = [ :password ]
 
-        # @!attribute version
+        # @!attribute [r] version
         #   @return [String] Glassfish version
         attr_reader :version
 
diff --git a/lib/metasploit/framework/login_scanner/http.rb b/lib/metasploit/framework/login_scanner/http.rb
index 3dfeda1c42..bb6f0ecb10 100644
--- a/lib/metasploit/framework/login_scanner/http.rb
+++ b/lib/metasploit/framework/login_scanner/http.rb
@@ -35,6 +35,7 @@ module Metasploit
                   presence: true,
                   length: { minimum: 1 }
 
+        # (see Base#check_setup)
         def check_setup
           http_client = Rex::Proto::Http::Client.new(
             host, port, {}, ssl, ssl_version
@@ -48,10 +49,10 @@ module Metasploit
           response = http_client._send_recv(request)
 
           if !(response && response.code == 401 && response.headers['WWW-Authenticate'])
-            return "No authentication required"
+            "No authentication required"
+          else
+            false
           end
-
-          false
         end
 
         # Attempt a single login with a single credential against the target.