You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@couchdb.apache.org by "willholley (via GitHub)" <gi...@apache.org> on 2023/05/10 12:44:45 UTC

[GitHub] [couchdb] willholley commented on issue #4590: CookieAuth works only on one node

willholley commented on issue #4590:
URL: https://github.com/apache/couchdb/issues/4590#issuecomment-1542147595

   This is the expected behaviour with the default Helm chart values. 
   
   It occurs because each when deploying the helm chart, the admin password is typically specified in plaintext. Each CouchDB node (pod) then hashes the admin password independently on first use, overwriting the plaintext password internally.
   
   CouchDB's cookie authentication relies on the password hash being the same on each database node, which it is not in this case.
   
   You have a few options:
   
   1. In the Helm chart values, set the admin hash explicitly (see https://sleeplessbeastie.eu/2020/03/13/how-to-generate-password-hash-for-couchdb-administrator/) for how to generate this.
   1. Use basic auth only for the admin user. That is, create normal CouchDB users for interactive use.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@couchdb.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org