[GitHub] whittaker007 commented on issue #1183: Proxy Authentication doesn't work when proxy_use_secret=true

[GitBox <gi...@apache.org>]

whittaker007 commented on issue #1183: Proxy Authentication doesn't work when proxy_use_secret=true
URL: https://github.com/apache/couchdb/issues/1183#issuecomment-409070521
 
 
   Sorry I'm a bit confused. The last comment says issue is fixed in apache/couchdb-documentation#291, but a review of that issue just shows a tiny bit of documentation to reference the token as being a SHA1 of the username using the secret as key.
   
   But the issue (that authentication always fails if you try to use this feature) is not fixed at all. Issue #1174 has also been closed with no resolution that I could see.
   
   So is there some secret fix that I've missed? Or is this broken functionality now intended? If so should all documentation relating to proxy auth with these headers be removed so people don't try to use them thinking they should work?
   
   Finally, is the expected behaviour of proxy auth that you only need the couch username (and maybe roles?) to access Couch content without a password or hash or anything? This seems to be the current state since with "proxy_use_secret = true" I cannot auth, and without it I can auth with nothing but "X-Auth-CouchDB-UserName" and "X-Auth-CouchDB-Roles" and no other auth.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services