You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@couchdb.apache.org by Bharat <bh...@gmail.com> on 2010/04/28 19:33:31 UTC
jcouchdb anyone?
I am trying to use jcouchdb api for authenticating against my couchdb
instance(0.11). I have set the admin usr/pass in futon and in addition
specified ADMIN and READER on the DB I am trying to access so only people
with correct credentials can access/view the DB.
My code is pretty simple and directly using ServerImpl and its
setCredentials and get method:
-------------------------
ServerImpl service = new ServerImpl("localhost");
Credentials credentials =
new UsernamePasswordCredentials(<usr>, <pass>);
AuthScope authScope = new AuthScope("http://localhost", 5984);
service.setCredentials(authScope, credentials);
Response res = service.get(/<database>);
-----------------------------
But everytime I do this, I keep getting http 401 in my response. Is there
something I am missing or not setting correctly?
I know its not exactly a couchdb question but there is very little to no
documentation available so thought I ll try here.
Thanks!
Re: jcouchdb anyone?
Posted by Adam Kocoloski <ko...@apache.org>.
Hi Bharat, the credentials you supply in the setCredentials method should be set automatically for any local databases (those not specified with a URL) in the replication request. If they aren't, that's a regression in CouchDB.
We don't assume that the same credentials will be valid for remote databases. I suppose we could consider patching CouchDB to supply the credentials from the replication request on a 401 Unauthorized challenge from a remote server, but I think the current behavior is probably less surprising. I'm not sure I want CouchDB sharing my username and password with a remote server when I don't explicitly authorize that. Best,
Adam
On May 1, 2010, at 6:49 PM, Bharat wrote:
> Hi Adam, yes if you specify username and password in the source and target,
> it works fine.
>
> replicate(http://username:pass@localhost
> :5984/sourceDB, http://username:pass@localhost:5984/targetDB, false);
>
> My question was, why it doesnt work by just setting "setCredentials" method
> like I am doing for all get, put etc methods? Shouldnt it take care of auth
> so we dont have to pass usr/pass again in the post body? Because if I use
> above approach, I have to specify URls along with source and target DB which
> causes replication to slow down(which I can get around by using pull
> replication though).
>
> Thanks!
>
> On Sat, May 1, 2010 at 6:21 AM, Adam Kocoloski <ko...@apache.org> wrote:
>
>> Hi Bharat, if your source or target DB requires authorization and is
>> specified using a URL, you need to include the credentials in the POST body.
>> Is that the problem?
>>
>> Adam
>>
>> On Apr 30, 2010, at 7:35 PM, Bharat wrote:
>>
>>> back to this.
>>>
>>> Looks like authentication works for mostly all other requests but not
>>> replication which is using a HttpPost object. Anyone seeing this
>> behavior?
>>> Again pretty striaght fwd code, using the same auth (after killing my
>> login
>>> ServerImpl instance):
>>>
>>> ServerImpl service = new ServerImpl(sourceUrl);
>>> Credentials credentials = new
>>> UsernamePasswordCredentials("username", "password");
>>> AuthScope authScope = new AuthScope(sourceUrl, port,
>> "_admin");
>>> service.setCredentials(authScope, credentials);
>>>
>>> ReplicationInfo repInfo = service.replicate(sourceDbName,
>>> targetDbName, false);
>>> ----------------------
>>>
>>> I see this in the logs:
>>>
>>> [debug] [<0.2228.0>] 'POST' /_replicate {1,1}
>>> Headers: [{'Connection',"Keep-Alive"},
>>> {'Content-Encoding',"UTF-8"},
>>> {'Content-Length',"44"},
>>> {'Content-Type',"application/json"},
>>> {'Host',"localhost:5984"}]
>>> [debug] [<0.2228.0>] OAuth Params: []
>>> [debug] [<0.2246.0>] Not a reader: UserCtx {user_ctx,null,[],undefined}
>> vs
>>> Names [<<"username">>] Roles [<<"_admin">>]
>>> [error] [<0.2246.0>] {error_report,<0.30.0>,
>>> {<0.2246.0>,crash_report,
>>> [[{initial_call,{couch_rep,init,['Argument__1']}},
>>> {pid,<0.2246.0>},
>>> {registered_name,[]},
>>> {error_info,
>>> {exit,
>>> {bad_return_value,
>>> {unauthorized,
>>> <<"You are not authorized to access this db.">>}},
>>> [{gen_server,init_it,6},{proc_lib,init_p_do_apply,3}]}},
>>> {ancestors,
>>>
>>> [couch_rep_sup,couch_primary_services,couch_server_sup,<0.31.0>]},
>>> {messages,[]},
>>> {links,[<0.80.0>]},
>>> {dictionary,[]},
>>> {trap_exit,true},
>>> {status,running},
>>> {heap_size,987},
>>> {stack_size,24},
>>> {reductions,326}],
>>> []]}}
>>>
>>> =CRASH REPORT==== 30-Apr-2010::16:28:14 ===
>>> crasher:
>>> initial call: couch_rep:init/1
>>> pid: <0.2246.0>
>>> registered_name: []
>>> exception exit: {bad_return_value,
>>> {unauthorized,
>>> <<"You are not authorized to access this
>>> db.">>}}
>>> in function gen_server:init_it/6
>>> ancestors: [couch_rep_sup,couch_primary_services,couch_server_sup,
>>> <0.31.0>]
>>> messages: []
>>> links: [<0.80.0>]
>>> dictionary: []
>>> trap_exit: true
>>> status: running
>>> heap_size: 987
>>> stack_size: 24
>>> reductions: 326
>>> neighbours:
>>> [error] [<0.2228.0>] Uncaught error in HTTP request: {error,
>>> {case_clause,
>>> {error,
>>> {bad_return_value,
>>> {unauthorized,
>>> <<"You are not authorized to access
>>> this db.">>}}}}}
>>> [info] [<0.2228.0>] Stacktrace: [{couch_rep,start_replication_server,1},
>>> {couch_rep,replicate,2},
>>> {couch_httpd_misc_handlers,handle_replicate_req,1},
>>> {couch_httpd,handle_request_int,5},
>>> {mochiweb_http,headers,5},
>>> {proc_lib,init_p_do_apply,3}]
>>> [info] [<0.2228.0>] 127.0.0.1 - - 'POST' /_replicate 500
>>> [debug] [<0.2228.0>] httpd 500 error response:
>>> {"error":"case_clause","reason":"{error,\n {bad_return_value,\n
>>> {unauthorized,<<\"You are not authorized to access this db.\">>}}}"}
>>> ------------------------------------
>>>
>>> On Wed, Apr 28, 2010 at 1:09 PM, Bharat <bh...@gmail.com> wrote:
>>>
>>>> Perfect James.
>>>> Thats what I was missing. Uncommenting WWW-authenticate and passing that
>> as
>>>> a realm, works.
>>>>
>>>> Thanks guys.
>>>>
>>>> On Wed, Apr 28, 2010 at 1:00 PM, James Marca <
>> jmarca@translab.its.uci.edu>wrote:
>>>>
>>>>> Perhaps try passing the "authority" key when setting the AuthScope?
>>>>>
>>>>> Example:
>>>>>
>>>>> my /etc/couchdb/local.ini has:
>>>>>
>>>>> ...
>>>>> [httpd]
>>>>> ; Uncomment next line to trigger basic-auth popup on unauthorized
>>>>> requests.
>>>>> WWW-Authenticate = Basic realm="administrator"
>>>>> ...
>>>>>
>>>>>
>>>>> My code in a test case looks as follows:
>>>>>
>>>>>
>>>>> ...
>>>>> private static final String TESTDB_AUTHORITY = "administrator";
>>>>> ...
>>>>>
>>>>> @Before
>>>>> public void setUp() throws Exception {
>>>>> // load couchdb properties
>>>>>
>>>>>
>> props.load(getClass().getClassLoader().getResource(DB_PROPERTIES).openStream());
>>>>>
>>>>> ...
>>>>>
>>>>> dbname =props.getProperty("couchdb.db.dbname",TESTDB_NAME);
>>>>> user =props.getProperty("couchdb.db.user");
>>>>> pass =props.getProperty("couchdb.db.password");
>>>>> authority
>>>>> =props.getProperty("couchdb.db.authority",TESTDB_AUTHORITY);
>>>>>
>>>>> ...
>>>>> }
>>>>>
>>>>>
>>>>>
>>>>> then later, I create dbs as follows...note the authority in AuthScope
>> new
>>>>> call
>>>>>
>>>>> public static Database createDatabaseForTest()
>>>>> {
>>>>> // Load couchdb properties
>>>>> Server server = new ServerImpl(host,port);
>>>>> if(user != null && pass !=null) {
>>>>> AuthScope as = new AuthScope(host, port, authority);
>>>>> Credentials c = new UsernamePasswordCredentials(user, pass);
>>>>> server.setCredentials(as,c);
>>>>> }
>>>>>
>>>>> List<String> databases = server.listDatabases();
>>>>>
>>>>> log.debug("databases = " + databases);
>>>>>
>>>>> ...
>>>>>
>>>>> }
>>>>>
>>>>> Hope that helps,
>>>>> James
>>>>>
>>>>>
>>>>>
>>>>> On Wed, Apr 28, 2010 at 10:33:31AM -0700, Bharat wrote:
>>>>>> I am trying to use jcouchdb api for authenticating against my couchdb
>>>>>> instance(0.11). I have set the admin usr/pass in futon and in addition
>>>>>> specified ADMIN and READER on the DB I am trying to access so only
>>>>> people
>>>>>> with correct credentials can access/view the DB.
>>>>>>
>>>>>> My code is pretty simple and directly using ServerImpl and its
>>>>>> setCredentials and get method:
>>>>>>
>>>>>> -------------------------
>>>>>> ServerImpl service = new ServerImpl("localhost");
>>>>>> Credentials credentials =
>>>>>> new UsernamePasswordCredentials(<usr>, <pass>);
>>>>>> AuthScope authScope = new AuthScope("http://localhost", 5984);
>>>>>>
>>>>>> service.setCredentials(authScope, credentials);
>>>>>>
>>>>>> Response res = service.get(/<database>);
>>>>>> -----------------------------
>>>>>>
>>>>>> But everytime I do this, I keep getting http 401 in my response. Is
>>>>> there
>>>>>> something I am missing or not setting correctly?
>>>>>>
>>>>>> I know its not exactly a couchdb question but there is very little to
>> no
>>>>>> documentation available so thought I ll try here.
>>>>>>
>>>>>> Thanks!
>>>>>
>>>>> --
>>>>> This message has been scanned for viruses and
>>>>> dangerous content by MailScanner, and is
>>>>> believed to be clean.
>>>>>
>>>>>
>>>>
>>
>>
Re: jcouchdb anyone?
Posted by Bharat <bh...@gmail.com>.
Hi Adam, yes if you specify username and password in the source and target,
it works fine.
replicate(http://username:pass@localhost
:5984/sourceDB, http://username:pass@localhost:5984/targetDB, false);
My question was, why it doesnt work by just setting "setCredentials" method
like I am doing for all get, put etc methods? Shouldnt it take care of auth
so we dont have to pass usr/pass again in the post body? Because if I use
above approach, I have to specify URls along with source and target DB which
causes replication to slow down(which I can get around by using pull
replication though).
Thanks!
On Sat, May 1, 2010 at 6:21 AM, Adam Kocoloski <ko...@apache.org> wrote:
> Hi Bharat, if your source or target DB requires authorization and is
> specified using a URL, you need to include the credentials in the POST body.
> Is that the problem?
>
> Adam
>
> On Apr 30, 2010, at 7:35 PM, Bharat wrote:
>
> > back to this.
> >
> > Looks like authentication works for mostly all other requests but not
> > replication which is using a HttpPost object. Anyone seeing this
> behavior?
> > Again pretty striaght fwd code, using the same auth (after killing my
> login
> > ServerImpl instance):
> >
> > ServerImpl service = new ServerImpl(sourceUrl);
> > Credentials credentials = new
> > UsernamePasswordCredentials("username", "password");
> > AuthScope authScope = new AuthScope(sourceUrl, port,
> "_admin");
> > service.setCredentials(authScope, credentials);
> >
> > ReplicationInfo repInfo = service.replicate(sourceDbName,
> > targetDbName, false);
> > ----------------------
> >
> > I see this in the logs:
> >
> > [debug] [<0.2228.0>] 'POST' /_replicate {1,1}
> > Headers: [{'Connection',"Keep-Alive"},
> > {'Content-Encoding',"UTF-8"},
> > {'Content-Length',"44"},
> > {'Content-Type',"application/json"},
> > {'Host',"localhost:5984"}]
> > [debug] [<0.2228.0>] OAuth Params: []
> > [debug] [<0.2246.0>] Not a reader: UserCtx {user_ctx,null,[],undefined}
> vs
> > Names [<<"username">>] Roles [<<"_admin">>]
> > [error] [<0.2246.0>] {error_report,<0.30.0>,
> > {<0.2246.0>,crash_report,
> > [[{initial_call,{couch_rep,init,['Argument__1']}},
> > {pid,<0.2246.0>},
> > {registered_name,[]},
> > {error_info,
> > {exit,
> > {bad_return_value,
> > {unauthorized,
> > <<"You are not authorized to access this db.">>}},
> > [{gen_server,init_it,6},{proc_lib,init_p_do_apply,3}]}},
> > {ancestors,
> >
> > [couch_rep_sup,couch_primary_services,couch_server_sup,<0.31.0>]},
> > {messages,[]},
> > {links,[<0.80.0>]},
> > {dictionary,[]},
> > {trap_exit,true},
> > {status,running},
> > {heap_size,987},
> > {stack_size,24},
> > {reductions,326}],
> > []]}}
> >
> > =CRASH REPORT==== 30-Apr-2010::16:28:14 ===
> > crasher:
> > initial call: couch_rep:init/1
> > pid: <0.2246.0>
> > registered_name: []
> > exception exit: {bad_return_value,
> > {unauthorized,
> > <<"You are not authorized to access this
> > db.">>}}
> > in function gen_server:init_it/6
> > ancestors: [couch_rep_sup,couch_primary_services,couch_server_sup,
> > <0.31.0>]
> > messages: []
> > links: [<0.80.0>]
> > dictionary: []
> > trap_exit: true
> > status: running
> > heap_size: 987
> > stack_size: 24
> > reductions: 326
> > neighbours:
> > [error] [<0.2228.0>] Uncaught error in HTTP request: {error,
> > {case_clause,
> > {error,
> > {bad_return_value,
> > {unauthorized,
> > <<"You are not authorized to access
> > this db.">>}}}}}
> > [info] [<0.2228.0>] Stacktrace: [{couch_rep,start_replication_server,1},
> > {couch_rep,replicate,2},
> > {couch_httpd_misc_handlers,handle_replicate_req,1},
> > {couch_httpd,handle_request_int,5},
> > {mochiweb_http,headers,5},
> > {proc_lib,init_p_do_apply,3}]
> > [info] [<0.2228.0>] 127.0.0.1 - - 'POST' /_replicate 500
> > [debug] [<0.2228.0>] httpd 500 error response:
> > {"error":"case_clause","reason":"{error,\n {bad_return_value,\n
> > {unauthorized,<<\"You are not authorized to access this db.\">>}}}"}
> > ------------------------------------
> >
> > On Wed, Apr 28, 2010 at 1:09 PM, Bharat <bh...@gmail.com> wrote:
> >
> >> Perfect James.
> >> Thats what I was missing. Uncommenting WWW-authenticate and passing that
> as
> >> a realm, works.
> >>
> >> Thanks guys.
> >>
> >> On Wed, Apr 28, 2010 at 1:00 PM, James Marca <
> jmarca@translab.its.uci.edu>wrote:
> >>
> >>> Perhaps try passing the "authority" key when setting the AuthScope?
> >>>
> >>> Example:
> >>>
> >>> my /etc/couchdb/local.ini has:
> >>>
> >>> ...
> >>> [httpd]
> >>> ; Uncomment next line to trigger basic-auth popup on unauthorized
> >>> requests.
> >>> WWW-Authenticate = Basic realm="administrator"
> >>> ...
> >>>
> >>>
> >>> My code in a test case looks as follows:
> >>>
> >>>
> >>> ...
> >>> private static final String TESTDB_AUTHORITY = "administrator";
> >>> ...
> >>>
> >>> @Before
> >>> public void setUp() throws Exception {
> >>> // load couchdb properties
> >>>
> >>>
> props.load(getClass().getClassLoader().getResource(DB_PROPERTIES).openStream());
> >>>
> >>> ...
> >>>
> >>> dbname =props.getProperty("couchdb.db.dbname",TESTDB_NAME);
> >>> user =props.getProperty("couchdb.db.user");
> >>> pass =props.getProperty("couchdb.db.password");
> >>> authority
> >>> =props.getProperty("couchdb.db.authority",TESTDB_AUTHORITY);
> >>>
> >>> ...
> >>> }
> >>>
> >>>
> >>>
> >>> then later, I create dbs as follows...note the authority in AuthScope
> new
> >>> call
> >>>
> >>> public static Database createDatabaseForTest()
> >>> {
> >>> // Load couchdb properties
> >>> Server server = new ServerImpl(host,port);
> >>> if(user != null && pass !=null) {
> >>> AuthScope as = new AuthScope(host, port, authority);
> >>> Credentials c = new UsernamePasswordCredentials(user, pass);
> >>> server.setCredentials(as,c);
> >>> }
> >>>
> >>> List<String> databases = server.listDatabases();
> >>>
> >>> log.debug("databases = " + databases);
> >>>
> >>> ...
> >>>
> >>> }
> >>>
> >>> Hope that helps,
> >>> James
> >>>
> >>>
> >>>
> >>> On Wed, Apr 28, 2010 at 10:33:31AM -0700, Bharat wrote:
> >>>> I am trying to use jcouchdb api for authenticating against my couchdb
> >>>> instance(0.11). I have set the admin usr/pass in futon and in addition
> >>>> specified ADMIN and READER on the DB I am trying to access so only
> >>> people
> >>>> with correct credentials can access/view the DB.
> >>>>
> >>>> My code is pretty simple and directly using ServerImpl and its
> >>>> setCredentials and get method:
> >>>>
> >>>> -------------------------
> >>>> ServerImpl service = new ServerImpl("localhost");
> >>>> Credentials credentials =
> >>>> new UsernamePasswordCredentials(<usr>, <pass>);
> >>>> AuthScope authScope = new AuthScope("http://localhost", 5984);
> >>>>
> >>>> service.setCredentials(authScope, credentials);
> >>>>
> >>>> Response res = service.get(/<database>);
> >>>> -----------------------------
> >>>>
> >>>> But everytime I do this, I keep getting http 401 in my response. Is
> >>> there
> >>>> something I am missing or not setting correctly?
> >>>>
> >>>> I know its not exactly a couchdb question but there is very little to
> no
> >>>> documentation available so thought I ll try here.
> >>>>
> >>>> Thanks!
> >>>
> >>> --
> >>> This message has been scanned for viruses and
> >>> dangerous content by MailScanner, and is
> >>> believed to be clean.
> >>>
> >>>
> >>
>
>
Re: jcouchdb anyone?
Posted by Adam Kocoloski <ko...@apache.org>.
Hi Bharat, if your source or target DB requires authorization and is specified using a URL, you need to include the credentials in the POST body. Is that the problem?
Adam
On Apr 30, 2010, at 7:35 PM, Bharat wrote:
> back to this.
>
> Looks like authentication works for mostly all other requests but not
> replication which is using a HttpPost object. Anyone seeing this behavior?
> Again pretty striaght fwd code, using the same auth (after killing my login
> ServerImpl instance):
>
> ServerImpl service = new ServerImpl(sourceUrl);
> Credentials credentials = new
> UsernamePasswordCredentials("username", "password");
> AuthScope authScope = new AuthScope(sourceUrl, port, "_admin");
> service.setCredentials(authScope, credentials);
>
> ReplicationInfo repInfo = service.replicate(sourceDbName,
> targetDbName, false);
> ----------------------
>
> I see this in the logs:
>
> [debug] [<0.2228.0>] 'POST' /_replicate {1,1}
> Headers: [{'Connection',"Keep-Alive"},
> {'Content-Encoding',"UTF-8"},
> {'Content-Length',"44"},
> {'Content-Type',"application/json"},
> {'Host',"localhost:5984"}]
> [debug] [<0.2228.0>] OAuth Params: []
> [debug] [<0.2246.0>] Not a reader: UserCtx {user_ctx,null,[],undefined} vs
> Names [<<"username">>] Roles [<<"_admin">>]
> [error] [<0.2246.0>] {error_report,<0.30.0>,
> {<0.2246.0>,crash_report,
> [[{initial_call,{couch_rep,init,['Argument__1']}},
> {pid,<0.2246.0>},
> {registered_name,[]},
> {error_info,
> {exit,
> {bad_return_value,
> {unauthorized,
> <<"You are not authorized to access this db.">>}},
> [{gen_server,init_it,6},{proc_lib,init_p_do_apply,3}]}},
> {ancestors,
>
> [couch_rep_sup,couch_primary_services,couch_server_sup,<0.31.0>]},
> {messages,[]},
> {links,[<0.80.0>]},
> {dictionary,[]},
> {trap_exit,true},
> {status,running},
> {heap_size,987},
> {stack_size,24},
> {reductions,326}],
> []]}}
>
> =CRASH REPORT==== 30-Apr-2010::16:28:14 ===
> crasher:
> initial call: couch_rep:init/1
> pid: <0.2246.0>
> registered_name: []
> exception exit: {bad_return_value,
> {unauthorized,
> <<"You are not authorized to access this
> db.">>}}
> in function gen_server:init_it/6
> ancestors: [couch_rep_sup,couch_primary_services,couch_server_sup,
> <0.31.0>]
> messages: []
> links: [<0.80.0>]
> dictionary: []
> trap_exit: true
> status: running
> heap_size: 987
> stack_size: 24
> reductions: 326
> neighbours:
> [error] [<0.2228.0>] Uncaught error in HTTP request: {error,
> {case_clause,
> {error,
> {bad_return_value,
> {unauthorized,
> <<"You are not authorized to access
> this db.">>}}}}}
> [info] [<0.2228.0>] Stacktrace: [{couch_rep,start_replication_server,1},
> {couch_rep,replicate,2},
> {couch_httpd_misc_handlers,handle_replicate_req,1},
> {couch_httpd,handle_request_int,5},
> {mochiweb_http,headers,5},
> {proc_lib,init_p_do_apply,3}]
> [info] [<0.2228.0>] 127.0.0.1 - - 'POST' /_replicate 500
> [debug] [<0.2228.0>] httpd 500 error response:
> {"error":"case_clause","reason":"{error,\n {bad_return_value,\n
> {unauthorized,<<\"You are not authorized to access this db.\">>}}}"}
> ------------------------------------
>
> On Wed, Apr 28, 2010 at 1:09 PM, Bharat <bh...@gmail.com> wrote:
>
>> Perfect James.
>> Thats what I was missing. Uncommenting WWW-authenticate and passing that as
>> a realm, works.
>>
>> Thanks guys.
>>
>> On Wed, Apr 28, 2010 at 1:00 PM, James Marca <jm...@translab.its.uci.edu>wrote:
>>
>>> Perhaps try passing the "authority" key when setting the AuthScope?
>>>
>>> Example:
>>>
>>> my /etc/couchdb/local.ini has:
>>>
>>> ...
>>> [httpd]
>>> ; Uncomment next line to trigger basic-auth popup on unauthorized
>>> requests.
>>> WWW-Authenticate = Basic realm="administrator"
>>> ...
>>>
>>>
>>> My code in a test case looks as follows:
>>>
>>>
>>> ...
>>> private static final String TESTDB_AUTHORITY = "administrator";
>>> ...
>>>
>>> @Before
>>> public void setUp() throws Exception {
>>> // load couchdb properties
>>>
>>> props.load(getClass().getClassLoader().getResource(DB_PROPERTIES).openStream());
>>>
>>> ...
>>>
>>> dbname =props.getProperty("couchdb.db.dbname",TESTDB_NAME);
>>> user =props.getProperty("couchdb.db.user");
>>> pass =props.getProperty("couchdb.db.password");
>>> authority
>>> =props.getProperty("couchdb.db.authority",TESTDB_AUTHORITY);
>>>
>>> ...
>>> }
>>>
>>>
>>>
>>> then later, I create dbs as follows...note the authority in AuthScope new
>>> call
>>>
>>> public static Database createDatabaseForTest()
>>> {
>>> // Load couchdb properties
>>> Server server = new ServerImpl(host,port);
>>> if(user != null && pass !=null) {
>>> AuthScope as = new AuthScope(host, port, authority);
>>> Credentials c = new UsernamePasswordCredentials(user, pass);
>>> server.setCredentials(as,c);
>>> }
>>>
>>> List<String> databases = server.listDatabases();
>>>
>>> log.debug("databases = " + databases);
>>>
>>> ...
>>>
>>> }
>>>
>>> Hope that helps,
>>> James
>>>
>>>
>>>
>>> On Wed, Apr 28, 2010 at 10:33:31AM -0700, Bharat wrote:
>>>> I am trying to use jcouchdb api for authenticating against my couchdb
>>>> instance(0.11). I have set the admin usr/pass in futon and in addition
>>>> specified ADMIN and READER on the DB I am trying to access so only
>>> people
>>>> with correct credentials can access/view the DB.
>>>>
>>>> My code is pretty simple and directly using ServerImpl and its
>>>> setCredentials and get method:
>>>>
>>>> -------------------------
>>>> ServerImpl service = new ServerImpl("localhost");
>>>> Credentials credentials =
>>>> new UsernamePasswordCredentials(<usr>, <pass>);
>>>> AuthScope authScope = new AuthScope("http://localhost", 5984);
>>>>
>>>> service.setCredentials(authScope, credentials);
>>>>
>>>> Response res = service.get(/<database>);
>>>> -----------------------------
>>>>
>>>> But everytime I do this, I keep getting http 401 in my response. Is
>>> there
>>>> something I am missing or not setting correctly?
>>>>
>>>> I know its not exactly a couchdb question but there is very little to no
>>>> documentation available so thought I ll try here.
>>>>
>>>> Thanks!
>>>
>>> --
>>> This message has been scanned for viruses and
>>> dangerous content by MailScanner, and is
>>> believed to be clean.
>>>
>>>
>>
Re: jcouchdb anyone?
Posted by Bharat <bh...@gmail.com>.
back to this.
Looks like authentication works for mostly all other requests but not
replication which is using a HttpPost object. Anyone seeing this behavior?
Again pretty striaght fwd code, using the same auth (after killing my login
ServerImpl instance):
ServerImpl service = new ServerImpl(sourceUrl);
Credentials credentials = new
UsernamePasswordCredentials("username", "password");
AuthScope authScope = new AuthScope(sourceUrl, port, "_admin");
service.setCredentials(authScope, credentials);
ReplicationInfo repInfo = service.replicate(sourceDbName,
targetDbName, false);
----------------------
I see this in the logs:
[debug] [<0.2228.0>] 'POST' /_replicate {1,1}
Headers: [{'Connection',"Keep-Alive"},
{'Content-Encoding',"UTF-8"},
{'Content-Length',"44"},
{'Content-Type',"application/json"},
{'Host',"localhost:5984"}]
[debug] [<0.2228.0>] OAuth Params: []
[debug] [<0.2246.0>] Not a reader: UserCtx {user_ctx,null,[],undefined} vs
Names [<<"username">>] Roles [<<"_admin">>]
[error] [<0.2246.0>] {error_report,<0.30.0>,
{<0.2246.0>,crash_report,
[[{initial_call,{couch_rep,init,['Argument__1']}},
{pid,<0.2246.0>},
{registered_name,[]},
{error_info,
{exit,
{bad_return_value,
{unauthorized,
<<"You are not authorized to access this db.">>}},
[{gen_server,init_it,6},{proc_lib,init_p_do_apply,3}]}},
{ancestors,
[couch_rep_sup,couch_primary_services,couch_server_sup,<0.31.0>]},
{messages,[]},
{links,[<0.80.0>]},
{dictionary,[]},
{trap_exit,true},
{status,running},
{heap_size,987},
{stack_size,24},
{reductions,326}],
[]]}}
=CRASH REPORT==== 30-Apr-2010::16:28:14 ===
crasher:
initial call: couch_rep:init/1
pid: <0.2246.0>
registered_name: []
exception exit: {bad_return_value,
{unauthorized,
<<"You are not authorized to access this
db.">>}}
in function gen_server:init_it/6
ancestors: [couch_rep_sup,couch_primary_services,couch_server_sup,
<0.31.0>]
messages: []
links: [<0.80.0>]
dictionary: []
trap_exit: true
status: running
heap_size: 987
stack_size: 24
reductions: 326
neighbours:
[error] [<0.2228.0>] Uncaught error in HTTP request: {error,
{case_clause,
{error,
{bad_return_value,
{unauthorized,
<<"You are not authorized to access
this db.">>}}}}}
[info] [<0.2228.0>] Stacktrace: [{couch_rep,start_replication_server,1},
{couch_rep,replicate,2},
{couch_httpd_misc_handlers,handle_replicate_req,1},
{couch_httpd,handle_request_int,5},
{mochiweb_http,headers,5},
{proc_lib,init_p_do_apply,3}]
[info] [<0.2228.0>] 127.0.0.1 - - 'POST' /_replicate 500
[debug] [<0.2228.0>] httpd 500 error response:
{"error":"case_clause","reason":"{error,\n {bad_return_value,\n
{unauthorized,<<\"You are not authorized to access this db.\">>}}}"}
------------------------------------
On Wed, Apr 28, 2010 at 1:09 PM, Bharat <bh...@gmail.com> wrote:
> Perfect James.
> Thats what I was missing. Uncommenting WWW-authenticate and passing that as
> a realm, works.
>
> Thanks guys.
>
> On Wed, Apr 28, 2010 at 1:00 PM, James Marca <jm...@translab.its.uci.edu>wrote:
>
>> Perhaps try passing the "authority" key when setting the AuthScope?
>>
>> Example:
>>
>> my /etc/couchdb/local.ini has:
>>
>> ...
>> [httpd]
>> ; Uncomment next line to trigger basic-auth popup on unauthorized
>> requests.
>> WWW-Authenticate = Basic realm="administrator"
>> ...
>>
>>
>> My code in a test case looks as follows:
>>
>>
>> ...
>> private static final String TESTDB_AUTHORITY = "administrator";
>> ...
>>
>> @Before
>> public void setUp() throws Exception {
>> // load couchdb properties
>>
>> props.load(getClass().getClassLoader().getResource(DB_PROPERTIES).openStream());
>>
>> ...
>>
>> dbname =props.getProperty("couchdb.db.dbname",TESTDB_NAME);
>> user =props.getProperty("couchdb.db.user");
>> pass =props.getProperty("couchdb.db.password");
>> authority
>> =props.getProperty("couchdb.db.authority",TESTDB_AUTHORITY);
>>
>> ...
>> }
>>
>>
>>
>> then later, I create dbs as follows...note the authority in AuthScope new
>> call
>>
>> public static Database createDatabaseForTest()
>> {
>> // Load couchdb properties
>> Server server = new ServerImpl(host,port);
>> if(user != null && pass !=null) {
>> AuthScope as = new AuthScope(host, port, authority);
>> Credentials c = new UsernamePasswordCredentials(user, pass);
>> server.setCredentials(as,c);
>> }
>>
>> List<String> databases = server.listDatabases();
>>
>> log.debug("databases = " + databases);
>>
>> ...
>>
>> }
>>
>> Hope that helps,
>> James
>>
>>
>>
>> On Wed, Apr 28, 2010 at 10:33:31AM -0700, Bharat wrote:
>> > I am trying to use jcouchdb api for authenticating against my couchdb
>> > instance(0.11). I have set the admin usr/pass in futon and in addition
>> > specified ADMIN and READER on the DB I am trying to access so only
>> people
>> > with correct credentials can access/view the DB.
>> >
>> > My code is pretty simple and directly using ServerImpl and its
>> > setCredentials and get method:
>> >
>> > -------------------------
>> > ServerImpl service = new ServerImpl("localhost");
>> > Credentials credentials =
>> > new UsernamePasswordCredentials(<usr>, <pass>);
>> > AuthScope authScope = new AuthScope("http://localhost", 5984);
>> >
>> > service.setCredentials(authScope, credentials);
>> >
>> > Response res = service.get(/<database>);
>> > -----------------------------
>> >
>> > But everytime I do this, I keep getting http 401 in my response. Is
>> there
>> > something I am missing or not setting correctly?
>> >
>> > I know its not exactly a couchdb question but there is very little to no
>> > documentation available so thought I ll try here.
>> >
>> > Thanks!
>>
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>>
>>
>
Re: jcouchdb anyone?
Posted by Bharat <bh...@gmail.com>.
Perfect James.
Thats what I was missing. Uncommenting WWW-authenticate and passing that as
a realm, works.
Thanks guys.
On Wed, Apr 28, 2010 at 1:00 PM, James Marca <jm...@translab.its.uci.edu>wrote:
> Perhaps try passing the "authority" key when setting the AuthScope?
>
> Example:
>
> my /etc/couchdb/local.ini has:
>
> ...
> [httpd]
> ; Uncomment next line to trigger basic-auth popup on unauthorized requests.
> WWW-Authenticate = Basic realm="administrator"
> ...
>
>
> My code in a test case looks as follows:
>
>
> ...
> private static final String TESTDB_AUTHORITY = "administrator";
> ...
>
> @Before
> public void setUp() throws Exception {
> // load couchdb properties
>
> props.load(getClass().getClassLoader().getResource(DB_PROPERTIES).openStream());
>
> ...
>
> dbname =props.getProperty("couchdb.db.dbname",TESTDB_NAME);
> user =props.getProperty("couchdb.db.user");
> pass =props.getProperty("couchdb.db.password");
> authority
> =props.getProperty("couchdb.db.authority",TESTDB_AUTHORITY);
>
> ...
> }
>
>
>
> then later, I create dbs as follows...note the authority in AuthScope new
> call
>
> public static Database createDatabaseForTest()
> {
> // Load couchdb properties
> Server server = new ServerImpl(host,port);
> if(user != null && pass !=null) {
> AuthScope as = new AuthScope(host, port, authority);
> Credentials c = new UsernamePasswordCredentials(user, pass);
> server.setCredentials(as,c);
> }
>
> List<String> databases = server.listDatabases();
>
> log.debug("databases = " + databases);
>
> ...
>
> }
>
> Hope that helps,
> James
>
>
>
> On Wed, Apr 28, 2010 at 10:33:31AM -0700, Bharat wrote:
> > I am trying to use jcouchdb api for authenticating against my couchdb
> > instance(0.11). I have set the admin usr/pass in futon and in addition
> > specified ADMIN and READER on the DB I am trying to access so only people
> > with correct credentials can access/view the DB.
> >
> > My code is pretty simple and directly using ServerImpl and its
> > setCredentials and get method:
> >
> > -------------------------
> > ServerImpl service = new ServerImpl("localhost");
> > Credentials credentials =
> > new UsernamePasswordCredentials(<usr>, <pass>);
> > AuthScope authScope = new AuthScope("http://localhost", 5984);
> >
> > service.setCredentials(authScope, credentials);
> >
> > Response res = service.get(/<database>);
> > -----------------------------
> >
> > But everytime I do this, I keep getting http 401 in my response. Is there
> > something I am missing or not setting correctly?
> >
> > I know its not exactly a couchdb question but there is very little to no
> > documentation available so thought I ll try here.
> >
> > Thanks!
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
>
Re: jcouchdb anyone?
Posted by James Marca <jm...@translab.its.uci.edu>.
Perhaps try passing the "authority" key when setting the AuthScope?
Example:
my /etc/couchdb/local.ini has:
...
[httpd]
; Uncomment next line to trigger basic-auth popup on unauthorized requests.
WWW-Authenticate = Basic realm="administrator"
...
My code in a test case looks as follows:
...
private static final String TESTDB_AUTHORITY = "administrator";
...
@Before
public void setUp() throws Exception {
// load couchdb properties
props.load(getClass().getClassLoader().getResource(DB_PROPERTIES).openStream());
...
dbname =props.getProperty("couchdb.db.dbname",TESTDB_NAME);
user =props.getProperty("couchdb.db.user");
pass =props.getProperty("couchdb.db.password");
authority =props.getProperty("couchdb.db.authority",TESTDB_AUTHORITY);
...
}
then later, I create dbs as follows...note the authority in AuthScope new call
public static Database createDatabaseForTest()
{
// Load couchdb properties
Server server = new ServerImpl(host,port);
if(user != null && pass !=null) {
AuthScope as = new AuthScope(host, port, authority);
Credentials c = new UsernamePasswordCredentials(user, pass);
server.setCredentials(as,c);
}
List<String> databases = server.listDatabases();
log.debug("databases = " + databases);
...
}
Hope that helps,
James
On Wed, Apr 28, 2010 at 10:33:31AM -0700, Bharat wrote:
> I am trying to use jcouchdb api for authenticating against my couchdb
> instance(0.11). I have set the admin usr/pass in futon and in addition
> specified ADMIN and READER on the DB I am trying to access so only people
> with correct credentials can access/view the DB.
>
> My code is pretty simple and directly using ServerImpl and its
> setCredentials and get method:
>
> -------------------------
> ServerImpl service = new ServerImpl("localhost");
> Credentials credentials =
> new UsernamePasswordCredentials(<usr>, <pass>);
> AuthScope authScope = new AuthScope("http://localhost", 5984);
>
> service.setCredentials(authScope, credentials);
>
> Response res = service.get(/<database>);
> -----------------------------
>
> But everytime I do this, I keep getting http 401 in my response. Is there
> something I am missing or not setting correctly?
>
> I know its not exactly a couchdb question but there is very little to no
> documentation available so thought I ll try here.
>
> Thanks!
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
Re: jcouchdb anyone?
Posted by Bharat <bh...@gmail.com>.
Couchdb log:
--------------------
[debug] [<0.112.0>] 'GET' /<my db name> {1,1}
Headers: [{'Connection',"Keep-Alive"},{'Host',"localhost:5984"}]
[debug] [<0.112.0>] OAuth Params: []
[debug] [<0.112.0>] Not a reader: UserCtx {user_ctx,null,[],undefined} vs
Names [<<"<my username>">>] Roles [<<"_admin">>]
[debug] [<0.112.0>] Minor error in HTTP request: {unauthorized,
<<"You are not authorized to access this
db.">>}
[debug] [<0.112.0>] Stacktrace: [{couch_db,open,2},
{couch_httpd_db,do_db_req,2},
{couch_httpd,handle_request_int,5},
{mochiweb_http,headers,5},
{proc_lib,init_p_do_apply,3}]
[info] [<0.112.0>] 127.0.0.1 - - 'GET' /<my db name> 401
[debug] [<0.112.0>] httpd 401 error response:
{"error":"unauthorized","reason":"You are not authorized to access this
db."}
-------------------------------
[log]
file = /usr/local/var/log/couchdb/couch.log
level = debug
[couch_httpd_auth]
authentication_db = _users
require_valid_user = false
------------------------------
error on my output:
{"error":"unauthorized","reason":"You are not authorized to access this
db."}
code again:
ServerImpl service = new ServerImpl("localhost");
Credentials credentials =
new UsernamePasswordCredentials(<my username>, <pass>);
AuthScope authScope = new AuthScope("http://localhost", 5984);
service.setCredentials(authScope, credentials);
Response res = service.get(/<my db name>);
--------------
Thanks Chris
On Wed, Apr 28, 2010 at 11:06 AM, J Chris Anderson <jc...@gmail.com> wrote:
>
> On Apr 28, 2010, at 10:33 AM, Bharat wrote:
>
> > I am trying to use jcouchdb api for authenticating against my couchdb
> > instance(0.11). I have set the admin usr/pass in futon and in addition
> > specified ADMIN and READER on the DB I am trying to access so only people
> > with correct credentials can access/view the DB.
> >
> > My code is pretty simple and directly using ServerImpl and its
> > setCredentials and get method:
> >
> > -------------------------
> > ServerImpl service = new ServerImpl("localhost");
> > Credentials credentials =
> > new UsernamePasswordCredentials(<usr>, <pass>);
> > AuthScope authScope = new AuthScope("http://localhost", 5984);
> >
> > service.setCredentials(authScope, credentials);
> >
> > Response res = service.get(/<database>);
> > -----------------------------
> >
> > But everytime I do this, I keep getting http 401 in my response. Is there
> > something I am missing or not setting correctly?
> >
>
> If you can give us the logs from CouchDB (at debug level) or an HTTP-level
> transcript of what's happening, we can probably help better with debugging.
>
> Chris
>
> > I know its not exactly a couchdb question but there is very little to no
> > documentation available so thought I ll try here.
> >
> > Thanks!
>
>
Re: jcouchdb anyone?
Posted by J Chris Anderson <jc...@gmail.com>.
On Apr 28, 2010, at 10:33 AM, Bharat wrote:
> I am trying to use jcouchdb api for authenticating against my couchdb
> instance(0.11). I have set the admin usr/pass in futon and in addition
> specified ADMIN and READER on the DB I am trying to access so only people
> with correct credentials can access/view the DB.
>
> My code is pretty simple and directly using ServerImpl and its
> setCredentials and get method:
>
> -------------------------
> ServerImpl service = new ServerImpl("localhost");
> Credentials credentials =
> new UsernamePasswordCredentials(<usr>, <pass>);
> AuthScope authScope = new AuthScope("http://localhost", 5984);
>
> service.setCredentials(authScope, credentials);
>
> Response res = service.get(/<database>);
> -----------------------------
>
> But everytime I do this, I keep getting http 401 in my response. Is there
> something I am missing or not setting correctly?
>
If you can give us the logs from CouchDB (at debug level) or an HTTP-level transcript of what's happening, we can probably help better with debugging.
Chris
> I know its not exactly a couchdb question but there is very little to no
> documentation available so thought I ll try here.
>
> Thanks!