You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@couchdb.apache.org by "Johannes J. Schmidt (Created) (JIRA)" <ji...@apache.org> on 2011/12/06 19:39:39 UTC
[jira] [Created] (COUCHDB-1356) POST _session responds with name:
null if _admin user and no _users doc present
POST _session responds with name: null if _admin user and no _users doc present
-------------------------------------------------------------------------------
Key: COUCHDB-1356
URL: https://issues.apache.org/jira/browse/COUCHDB-1356
Project: CouchDB
Issue Type: Bug
Affects Versions: 1.1.1
Reporter: Johannes J. Schmidt
Priority: Minor
When logging in with admin credentials (and no corresponding _users doc, if that is important), the response of the POST to _session has the name property set to null:
{"ok":true,"name":null,"roles":["_admin"]}
It should be the name of the admin instead, like it does when logging in with a standard user:
{"ok":true,"name":"standarduser","roles":[]}
Requesting the _session object after logging in with an admin, the name is proper set:
{"ok":true,"userCtx":{"name":"adminuser","roles":["_admin"]},"info":{"authentication_db":"_users","authentication_handlers":["oauth","cookie","default"],"authenticated":"cookie"}}
Johannes
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (COUCHDB-1356) POST _session responds with name:
null if _admin user and no _users doc present
Posted by "Johannes J. Schmidt (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1356?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13164225#comment-13164225 ]
Johannes J. Schmidt commented on COUCHDB-1356:
----------------------------------------------
But then why is the name not null when issuing a GET request to _session like I mentioned above?
I believe the POST response should be according to the GET response.
Btw. the couch I query is not in Admin Party mode.
> POST _session responds with name: null if _admin user and no _users doc present
> -------------------------------------------------------------------------------
>
> Key: COUCHDB-1356
> URL: https://issues.apache.org/jira/browse/COUCHDB-1356
> Project: CouchDB
> Issue Type: Bug
> Affects Versions: 1.1.1
> Reporter: Johannes J. Schmidt
> Priority: Minor
>
> When logging in with admin credentials (and no corresponding _users doc, if that is important), the response of the POST to _session has the name property set to null:
> {"ok":true,"name":null,"roles":["_admin"]}
> It should be the name of the admin instead, like it does when logging in with a standard user:
> {"ok":true,"name":"standarduser","roles":[]}
> Requesting the _session object after logging in with an admin, the name is proper set:
> {"ok":true,"userCtx":{"name":"adminuser","roles":["_admin"]},"info":{"authentication_db":"_users","authentication_handlers":["oauth","cookie","default"],"authenticated":"cookie"}}
> Johannes
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (COUCHDB-1356) POST _session responds with name:
null if _admin user and no _users doc present
Posted by "Jason Smith (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1356?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13164200#comment-13164200 ]
Jason Smith commented on COUCHDB-1356:
--------------------------------------
Hi, Johannes. I believe the userCtx.name value indicates the name of the document in the _users database, or `null` to indicate no corresponding document. Thus, CouchDB is communicating that this request is authorized but not to any specific user on the server. (Something similar happens if you have an /etc/passwd, NIS, or LDAP error; or if you remove a Unix user and look at their old files. User and group ownership will be indicated by the underlying integer. Both the type and value communicate information.)
CouchDB also uses null to indicate that it is in Admin Party mode. If you query /_session without authorization data, the name will be null. If the roles include "_admin", then Admin Party mode is active.
> POST _session responds with name: null if _admin user and no _users doc present
> -------------------------------------------------------------------------------
>
> Key: COUCHDB-1356
> URL: https://issues.apache.org/jira/browse/COUCHDB-1356
> Project: CouchDB
> Issue Type: Bug
> Affects Versions: 1.1.1
> Reporter: Johannes J. Schmidt
> Priority: Minor
>
> When logging in with admin credentials (and no corresponding _users doc, if that is important), the response of the POST to _session has the name property set to null:
> {"ok":true,"name":null,"roles":["_admin"]}
> It should be the name of the admin instead, like it does when logging in with a standard user:
> {"ok":true,"name":"standarduser","roles":[]}
> Requesting the _session object after logging in with an admin, the name is proper set:
> {"ok":true,"userCtx":{"name":"adminuser","roles":["_admin"]},"info":{"authentication_db":"_users","authentication_handlers":["oauth","cookie","default"],"authenticated":"cookie"}}
> Johannes
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira