You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@couchdb.apache.org by GitBox <gi...@apache.org> on 2018/01/29 14:29:54 UTC
[GitHub] penkeysuresh opened a new issue #1131: Auth Failure on /_session API with message "Minor error in HTTP request" for user names more than 30 characters when doing on browser
penkeysuresh opened a new issue #1131: Auth Failure on /_session API with message "Minor error in HTTP request" for user names more than 30 characters when doing on browser
URL: https://github.com/apache/couchdb/issues/1131
<!--- Provide a general summary of the issue in the Title above -->
I'm facing this very peculiar bug on my couchdb installation. I have user databases on couch whose access is restricted to each user with their email and password. That is, for example a user whose email is 'email-id-with-more-than@30characters' has a database with name 'somerandomehash' with password 'secure-password'
Now I'm making an auth call in my web app whenever user is logging in (request headers are posted below). This request, when I do from my web app fails, but when I do this using curl or postman extension, or directly trying to login using futon succeeds. I've checked all the headers and couchdb logs for any hints on why this is happening but to no avail.
I assure you that the username and password are entered correctly, my couchdb instance is dockerised and is behind nginx proxy. I've searched on net and found a very similar case reported here [Couchdb auth failure with "Minor error in HTTP request"](http://grokbase.com/t/couchdb/user/11c7yjjkev/authentication-failure-with-minor-error-in-http-request). But there is no resolution listed there.
## Expected behavior
Databases with user name more than 30 characters when trying to login from browser should succeed.
<!--- If you're describing a bug, tell us what should happen -->
<!--- If you're suggesting a change/improvement, tell us how it should work -->
## Steps to Reproduce (for bugs)
<!--- Provide a link to a live example, or an unambiguous set of steps to -->
<!--- reproduce this bug. Include code to reproduce, if relevant -->
1. I can provide link to my staging website if needed
## Context (Couch db logs)
````
LESS THAN 30 CHARS DB NAME SUCCESS
[Mon, 29 Jan 2018 13:41:48 GMT] [debug] [<0.5223.2>] 'POST' /_session {1,0} from "x.x.x.x"
Headers: [{'Accept',"application/json"},
{'Accept-Encoding',"gzip, deflate, br"},
{'Accept-Language',"en-US,en;q=0.9"},
{'Authorization',"Basic ZGluZXNocmVkZHlzMTIzNEBnbWFpbC5jb206MzAyMDA4YjktMjFjNC00NjNiLWIwOTEtMzUxZmMzM2E4NzEz"},
{'Connection',"close"},
{'Content-Length',"87"},
{'Content-Type',"application/json"},
{'Cookie',"_ga=GA1.2.x.x.x.x; _gid=GA1.x.x.x.x; _gat_UA-x.x.x.x=1"},
{"Dnt","1"},
{'Host',"staging.couch.mydomain.com"},
{"Origin","https://staging.beta.mydomain.com"},
{'Referer',"https://staging.beta.mydomain.com/"},
{'User-Agent',"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"},
{'X-Forwarded-For',"x.x.x.x"},
{"X-Forwarded-Ssl","on"}]
[Mon, 29 Jan 2018 13:41:48 GMT] [debug] [<0.5223.2>] OAuth Params: []
[Mon, 29 Jan 2018 13:41:48 GMT] [debug] [<0.5223.2>] Attempt Login: lessthan30chars@email.com
[Mon, 29 Jan 2018 13:41:48 GMT] [info] [<0.5223.2>] 172.17.0.1 - - POST /_session 200
MORE THAN 30 CHARS DB USER NAME FAILURE
[Mon, 29 Jan 2018 13:02:09 GMT] [debug] [<0.2659.2>] 'POST' /_session {1,0} from "x.x.x.x"
Headers: [{'Accept',"application/json"},
{'Accept-Encoding',"gzip, deflate, br"},
{'Accept-Language',"en-US,en;q=0.9"},
{'Authorization',"Basic cGFkbWF2YXRoaXZlbmthdGVzaDA2NzFAZ21haWw6NzVjNWExMWMtZTBkYy00N2JlLTk0MjUtNWU3OGFkZmM5ZjFh"},
{'Connection',"close"},
{'Content-Length',"94"},
{'Content-Type',"application/json"},
{'Cookie',"_ga=GA1.2.x.x.x.x; _gid=GA1.x.x.x.x; _gat_UA-x.x.x.x=1"},
{"Dnt","1"},
{'Host',"staging.couch.mydomain.com"},
{"Origin","https://staging.beta.mydomain.com"},
{'Referer',"https://staging.beta.mydomain.com/"},
{'User-Agent',"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36"},
{'X-Forwarded-For',"x.x.x.x"},
{"X-Forwarded-Ssl","on"}]
[Mon, 29 Jan 2018 13:02:09 GMT] [debug] [<0.2659.2>] OAuth Params: []
[Mon, 29 Jan 2018 13:02:09 GMT] [debug] [<0.2659.2>] Minor error in HTTP request: {unauthorized,
<<"Name or password is incorrect.">>}
[Mon, 29 Jan 2018 13:02:09 GMT] [debug] [<0.2659.2>] Stacktrace: [{couch_httpd_auth,
default_authentication_handler,1,
[{file,"couch_httpd_auth.erl"},
{line,69}]},
{couch_httpd,authenticate_request,2,
[{file,"couch_httpd.erl"},{line,441}]},
{couch_httpd,handle_request_int,5,
[{file,"couch_httpd.erl"},{line,328}]},
{mochiweb_http,headers,5,
[{file,"mochiweb_http.erl"},{line,94}]},
{proc_lib,init_p_do_apply,3,
[{file,"proc_lib.erl"},{line,237}]}]
[Mon, 29 Jan 2018 13:02:09 GMT] [info] [<0.2659.2>] 172.17.0.1 - - POST /_session 401
[Mon, 29 Jan 2018 13:02:09 GMT] [debug] [<0.2659.2>] httpd 401 error response:
{"error":"unauthorized","reason":"Name or password is incorrect."}
````
## Your Environment
<!--- Include as many relevant details about the environment you experienced the bug in -->
* Version used: 1.7.1
* Browser Name and version: Chrome 63.0.3239.132 (Official Build) (64-bit), Version 11.0.2 (13604.4.7.1.6), tested on both (although I don't think it's an issue with browsers)
* Operating System and version (desktop or mobile): MacOS High Sierra
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services