You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@couchdb.apache.org by GitBox <gi...@apache.org> on 2017/12/06 11:27:20 UTC
[GitHub] kvzhkv opened a new issue #1052: 2.1.1 when I enable proxy authentication - cookie and basic authentication not working anymore, is it correct behavior?
kvzhkv opened a new issue #1052: 2.1.1 when I enable proxy authentication - cookie and basic authentication not working anymore, is it correct behavior?
URL: https://github.com/apache/couchdb/issues/1052
<!--- Provide a general summary of the issue in the Title above -->
I configured proxy authentication according to updated docs, it works, but basic and cookie authentication doesn't work anymore.
## Expected Behavior
<!--- If you're describing a bug, tell us what should happen -->
<!--- If you're suggesting a change/improvement, tell us how it should work -->
I think it should work as it used to be in 1.6.1
## Steps to Reproduce (for bugs)
<!--- Provide a link to a live example, or an unambiguous set of steps to -->
<!--- reproduce this bug. Include code to reproduce, if relevant -->
1. I have one database "test_db" and one user "test_user" in _users with password "123456"
2. Here is my couchdb2-local.ini
`
[couchdb]
database_dir = /Users/konstantin/Library/Application Support/CouchDB2/var/lib/couchdb
view_index_dir = /Users/konstantin/Library/Application Support/CouchDB2/var/lib/couchdb
uri_file = /Users/konstantin/Library/Application Support/CouchDB2/var/run/couchdb/couch.uri
uuid = 0bd5c3698116494a7aaa2efba168b5a5
[cluster]
n = 1
q = 2
[log]
writer = file
file = /Users/konstantin/Library/Logs/CouchDB2.log
[admins]
admin = -pbkdf2-70e67ff27f92224df8bf83a20a29d123fbbf37e75c9d,46322634965e033c04527ec6d476368f,10
[chttpd]
bind_address = 0.0.0.0
port = 5984
require_valid_user = true
authentication_handlers = {couch_httpd_auth, cookie_authentication_handler}, {couch_httpd_auth, proxy_authentication_handler}, {couch_httpd_auth, default_authentication_handler}
[couch_httpd_auth]
secret = b0d4f93aec13969ecc21dddb35e2e1c4
require_valid_user = true
x_auth_username = X-Auth-CouchDB-UserName
x_auth_token = X-Auth-CouchDB-Token
x_auth_roles = X-Auth-CouchDB-Roles
`
3. I'm testing proxy authentication:
`curl -X GET \
http://localhost:5984/_session \
-H 'accept: application/json' \
-H 'content-type: application/json' \
-H 'x-auth-couchdb-username: test_user'`
response 200:
`{
"ok": true,
"userCtx": {
"name": "test_user",
"roles": []
},
"info": {
"authentication_db": "_users",
"authentication_handlers": [
"cookie",
"proxy",
"default"
],
"authenticated": "proxy"
}
}`
4. Testing basic authentication:
`curl -X GET \
http://localhost:5984/_session \
-H 'accept: application/json' \
-H 'authorization: Basic dGVzdF91c2VyOjEyMzQ1Ng==' \
-H 'content-type: application/json'`
response 401:
`{
"error": "unauthorized",
"reason": "Name or password is incorrect."
}`
5. testing cookie auth, first logging in and getting cookie (user's name and pass in the body and in basic auth server admin's name and pass) :
`curl -X POST \
http://localhost:5984/_session \
-H 'accept: application/json' \
-H 'authorization: Basic YWRtaW46Y291Y2hkYmFkbWlu' \
-H 'content-type: application/json' \
-d '{
"name": "test_user",
"password": "123456"
}'`
response 200 with cookie:
`{
"ok": true,
"name": "test_user",
"roles": []
}`
trying to GET _session with cookie response with:
`{
"error": "unauthorized",
"reason": "Authentication required."
}`
So I figured out that it is only possible to authenticate with servers admin username and password via basic auth.
Is there anything wrong with my configuration?
## Your Environment
<!--- Include as many relevant details about the environment you experienced the bug in -->
* Version used: 2.1.1
* Browser Name and version: Chrome
* Operating System and version (desktop or mobile): MacOS High Sierra 10.13.1
* Link to your project:
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services