You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@couchdb.apache.org by "ASF subversion and git services (JIRA)" <ji...@apache.org> on 2015/02/20 15:54:14 UTC

[jira] [Commented] (COUCHDB-2343) /_config/admins/username fails on master

    [ https://issues.apache.org/jira/browse/COUCHDB-2343?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14329004#comment-14329004 ] 

ASF subversion and git services commented on COUCHDB-2343:
----------------------------------------------------------

Commit 2a583cb0dfcd446ae259b272acd58068079c9b52 in couchdb-chttpd's branch refs/heads/master from [~robertkowalski]
[ https://git-wip-us.apache.org/repos/asf?p=couchdb-chttpd.git;h=2a583cb ]

Remove _config route on cluster

In order to avoid users shooting themselves in the foot by using
`/_config/` on a clustered CouchDB with a loadbalancer in front,
we remove it on `15984` - it will be available for single-node-
mode on the backdoor port (`15986`) or for users that are feeling
lucky which want to fire curl requests to every node.

It also allows Fauxton to detect if it is running on a the backdoor
port. Fauxton will - if it gets a 200 instead of a 404 - show the
config-section to the user.

COUCHDB-2601 COUCHDB-2390 COUCHDB-2343


> /_config/admins/username fails on master
> ----------------------------------------
>
>                 Key: COUCHDB-2343
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-2343
>             Project: CouchDB
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: HTTP Interface
>    Affects Versions: 2.0.0
>            Reporter: Joan Touzet
>            Priority: Blocker
>              Labels: auth
>             Fix For: 2.0.0
>
>
> In a multi-node setup, calling _config/admins/username to create an admin user fails to correctly configure a cluster with a new administrator. This fails for two reasons:
> 1) The call is only processed on a single node, and the admin entry is not replicated
> 2) Even if the call is repeated on all nodes manually, the hashes will be different on each node, which will cause cookie failure when attempting to authenticate via other machines.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)