You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@couchdb.apache.org by "Martin Higham (Created) (JIRA)" <ji...@apache.org> on 2011/10/28 16:00:32 UTC
[jira] [Created] (COUCHDB-1320) OAuth authentication doesn't work
with VHost entry
OAuth authentication doesn't work with VHost entry
--------------------------------------------------
Key: COUCHDB-1320
URL: https://issues.apache.org/jira/browse/COUCHDB-1320
Project: CouchDB
Issue Type: Bug
Components: HTTP Interface
Affects Versions: 1.1
Environment: Ubuntu
Reporter: Martin Higham
If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite ) trying to authenticate a request to this host using OAuth fails.
couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path when calculating the signature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
Re: [jira] [Commented] (COUCHDB-1320) OAuth authentication doesn't
work with VHost entry
Posted by Benoit Chesneau <bc...@gmail.com>.
On Sat, Dec 10, 2011 at 9:19 PM, Benoit Chesneau (Commented) (JIRA)
<ji...@apache.org> wrote:
>
> [ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13166968#comment-13166968 ]
>
> Benoit Chesneau commented on COUCHDB-1320:
> ------------------------------------------
>
> I don't remember to have time to review it though .... I like email
> bump sometimes.
>
> Also I don't see why a registry process is used here? What is the reason?
Saw your answer.
> Why x-couchdb-vhost-path couldn't have been used for the oauth calculation ?$
nm . I am just confused by the the user_ctx thing I think. Sound
really overkill.
- benoît
[jira] [Updated] (COUCHDB-1320) OAuth authentication doesn't work
with VHost entry
Posted by "Martin Higham (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Martin Higham updated COUCHDB-1320:
-----------------------------------
Attachment: Fix-OAuth-that-broke-with-vhost.patch
> OAuth authentication doesn't work with VHost entry
> --------------------------------------------------
>
> Key: COUCHDB-1320
> URL: https://issues.apache.org/jira/browse/COUCHDB-1320
> Project: CouchDB
> Issue Type: Bug
> Components: HTTP Interface
> Affects Versions: 1.1
> Environment: Ubuntu
> Reporter: Martin Higham
> Attachments: Fix-OAuth-that-broke-with-vhost.patch
>
>
> If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite ) trying to authenticate a request to this host using OAuth fails.
> couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path when calculating the signature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (COUCHDB-1320) OAuth authentication doesn't work
with VHost entry
Posted by "Martin Higham (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13157134#comment-13157134 ]
Martin Higham commented on COUCHDB-1320:
----------------------------------------
Attached fix.
> OAuth authentication doesn't work with VHost entry
> --------------------------------------------------
>
> Key: COUCHDB-1320
> URL: https://issues.apache.org/jira/browse/COUCHDB-1320
> Project: CouchDB
> Issue Type: Bug
> Components: HTTP Interface
> Affects Versions: 1.1
> Environment: Ubuntu
> Reporter: Martin Higham
> Attachments: Fix-OAuth-that-broke-with-vhost.patch
>
>
> If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite ) trying to authenticate a request to this host using OAuth fails.
> couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path when calculating the signature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Assigned] (COUCHDB-1320) OAuth authentication doesn't work
with VHost entry
Posted by "Filipe Manana (Assigned) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Filipe Manana reassigned COUCHDB-1320:
--------------------------------------
Assignee: Benoit Chesneau (was: Filipe Manana)
Benoit, assigning this to you for review.
thanks
> OAuth authentication doesn't work with VHost entry
> --------------------------------------------------
>
> Key: COUCHDB-1320
> URL: https://issues.apache.org/jira/browse/COUCHDB-1320
> Project: CouchDB
> Issue Type: Bug
> Components: HTTP Interface
> Affects Versions: 1.1
> Environment: Ubuntu
> Reporter: Martin Higham
> Assignee: Benoit Chesneau
> Attachments: Fix-OAuth-that-broke-with-vhost.patch, fdmanana-0001-Fix-OAuth-authentication-with-VHosts-URL-rewriting.patch
>
>
> If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite ) trying to authenticate a request to this host using OAuth fails.
> couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path when calculating the signature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (COUCHDB-1320) OAuth authentication doesn't work
with VHost entry
Posted by "Filipe Manana (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13144709#comment-13144709 ]
Filipe Manana commented on COUCHDB-1320:
----------------------------------------
Good point Martin, I didn't thought about that.
There's an etap (Erlang) unit test for vhosts: test/etap/160-vhosts.t
Perhaps it's possible to get the test in Erlang. There's an Erlang Oauth library Couch ships with that can help (see src/erlang-oauth/oauth.erl).
Let me know if it works for you.
Thanks
> OAuth authentication doesn't work with VHost entry
> --------------------------------------------------
>
> Key: COUCHDB-1320
> URL: https://issues.apache.org/jira/browse/COUCHDB-1320
> Project: CouchDB
> Issue Type: Bug
> Components: HTTP Interface
> Affects Versions: 1.1
> Environment: Ubuntu
> Reporter: Martin Higham
>
> If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite ) trying to authenticate a request to this host using OAuth fails.
> couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path when calculating the signature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (COUCHDB-1320) OAuth authentication doesn't work
with VHost entry
Posted by "Martin Higham (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13142149#comment-13142149 ]
Martin Higham commented on COUCHDB-1320:
----------------------------------------
A fix for this issue and a partial fix for COUCHDB-1321 making use of x-couchdb-vhost-path can be found in my commit at
https://github.com/ocastalabs/couchdb/commit/dc0106364605722cbc0935e92cff5e3ec01a7b1a
> OAuth authentication doesn't work with VHost entry
> --------------------------------------------------
>
> Key: COUCHDB-1320
> URL: https://issues.apache.org/jira/browse/COUCHDB-1320
> Project: CouchDB
> Issue Type: Bug
> Components: HTTP Interface
> Affects Versions: 1.1
> Environment: Ubuntu
> Reporter: Martin Higham
>
> If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite ) trying to authenticate a request to this host using OAuth fails.
> couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path when calculating the signature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (COUCHDB-1320) OAuth authentication doesn't work
with VHost entry
Posted by "Martin Higham (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13157125#comment-13157125 ]
Martin Higham commented on COUCHDB-1320:
----------------------------------------
COUCHDB-1321 doesn't fix this because it copies the value of raw_path which is wrong when a vhost is set. If the header x-couchdb-vhost-path is set then that value should be used instead
> OAuth authentication doesn't work with VHost entry
> --------------------------------------------------
>
> Key: COUCHDB-1320
> URL: https://issues.apache.org/jira/browse/COUCHDB-1320
> Project: CouchDB
> Issue Type: Bug
> Components: HTTP Interface
> Affects Versions: 1.1
> Environment: Ubuntu
> Reporter: Martin Higham
>
> If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite ) trying to authenticate a request to this host using OAuth fails.
> couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path when calculating the signature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (COUCHDB-1320) OAuth authentication doesn't work
with VHost entry
Posted by "Randall Leeds (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13167437#comment-13167437 ]
Randall Leeds commented on COUCHDB-1320:
----------------------------------------
Rather than rely on authenticate_request using the user_ctx that's already present and doing the trick you have committed, could we instead refactor couch_http to authenticate before the vhost dispatch and rewrite? Most of handle_request_int seems like it doesn't need to run again after a rewrite. Maybe it should have #http passed in and we could lift most of this up to handle_request. Then we don't have to fiddle with the user_ctx and we do less duplicate work after rewriting.
> OAuth authentication doesn't work with VHost entry
> --------------------------------------------------
>
> Key: COUCHDB-1320
> URL: https://issues.apache.org/jira/browse/COUCHDB-1320
> Project: CouchDB
> Issue Type: Bug
> Components: HTTP Interface
> Affects Versions: 1.1
> Environment: Ubuntu
> Reporter: Martin Higham
> Assignee: Filipe Manana
> Fix For: 1.2
>
> Attachments: Fix-OAuth-that-broke-with-vhost.patch, fdmanana-0001-Fix-OAuth-authentication-with-VHosts-URL-rewriting.patch
>
>
> If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite ) trying to authenticate a request to this host using OAuth fails.
> couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path when calculating the signature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (COUCHDB-1320) OAuth authentication doesn't work
with VHost entry
Posted by "Filipe Manana (Resolved) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Filipe Manana resolved COUCHDB-1320.
------------------------------------
Resolution: Fixed
Fix Version/s: 1.2
Assignee: Filipe Manana (was: Benoit Chesneau)
Fix applied to master and 1.2.x
> OAuth authentication doesn't work with VHost entry
> --------------------------------------------------
>
> Key: COUCHDB-1320
> URL: https://issues.apache.org/jira/browse/COUCHDB-1320
> Project: CouchDB
> Issue Type: Bug
> Components: HTTP Interface
> Affects Versions: 1.1
> Environment: Ubuntu
> Reporter: Martin Higham
> Assignee: Filipe Manana
> Fix For: 1.2
>
> Attachments: Fix-OAuth-that-broke-with-vhost.patch, fdmanana-0001-Fix-OAuth-authentication-with-VHosts-URL-rewriting.patch
>
>
> If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite ) trying to authenticate a request to this host using OAuth fails.
> couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path when calculating the signature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (COUCHDB-1320) OAuth authentication doesn't work
with VHost entry
Posted by "Filipe Manana (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13157137#comment-13157137 ]
Filipe Manana commented on COUCHDB-1320:
----------------------------------------
Thanks Martin.
I'll give it a try soon.
> OAuth authentication doesn't work with VHost entry
> --------------------------------------------------
>
> Key: COUCHDB-1320
> URL: https://issues.apache.org/jira/browse/COUCHDB-1320
> Project: CouchDB
> Issue Type: Bug
> Components: HTTP Interface
> Affects Versions: 1.1
> Environment: Ubuntu
> Reporter: Martin Higham
> Assignee: Filipe Manana
> Attachments: Fix-OAuth-that-broke-with-vhost.patch
>
>
> If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite ) trying to authenticate a request to this host using OAuth fails.
> couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path when calculating the signature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (COUCHDB-1320) OAuth authentication doesn't work
with VHost entry
Posted by "Filipe Manana (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13143042#comment-13143042 ]
Filipe Manana commented on COUCHDB-1320:
----------------------------------------
Thanks Martin. While not an expert on this field, it looks good.
Do you think you can add tests? (share/www/script/test/oauth.js)
> OAuth authentication doesn't work with VHost entry
> --------------------------------------------------
>
> Key: COUCHDB-1320
> URL: https://issues.apache.org/jira/browse/COUCHDB-1320
> Project: CouchDB
> Issue Type: Bug
> Components: HTTP Interface
> Affects Versions: 1.1
> Environment: Ubuntu
> Reporter: Martin Higham
>
> If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite ) trying to authenticate a request to this host using OAuth fails.
> couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path when calculating the signature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (COUCHDB-1320) OAuth authentication doesn't work
with VHost entry
Posted by "Filipe Manana (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Filipe Manana updated COUCHDB-1320:
-----------------------------------
Attachment: fdmanana-0001-Fix-OAuth-authentication-with-VHosts-URL-rewriting.patch
Martin, I've spent some time testing this well.
The patch you provided didn't seem to fix it.
I added some tests to confirm the fix, which uses VHosts + URL rewriting.
A big part of the problem here is that the OAuth handler is executed 2 times:
1) after the VHost dispatch happens and before the rewriter is called;
2) after the rewriter is called. This time the OAuth handler gets a rewritten patch which will cause the OAuth signature check to fail, since the client's provided signature is based on the first path (pre VHost dispatch, and pre rewriting phase)
The patch I'm attaching here explains this in the commit message.
Also, leaving it for Benoît to confirm if this is an ok fix.
> OAuth authentication doesn't work with VHost entry
> --------------------------------------------------
>
> Key: COUCHDB-1320
> URL: https://issues.apache.org/jira/browse/COUCHDB-1320
> Project: CouchDB
> Issue Type: Bug
> Components: HTTP Interface
> Affects Versions: 1.1
> Environment: Ubuntu
> Reporter: Martin Higham
> Assignee: Filipe Manana
> Attachments: Fix-OAuth-that-broke-with-vhost.patch, fdmanana-0001-Fix-OAuth-authentication-with-VHosts-URL-rewriting.patch
>
>
> If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite ) trying to authenticate a request to this host using OAuth fails.
> couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path when calculating the signature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (COUCHDB-1320) OAuth authentication doesn't work
with VHost entry
Posted by "Martin Higham (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13144181#comment-13144181 ]
Martin Higham commented on COUCHDB-1320:
----------------------------------------
Are there any examples of setting a vhost in the javascript tests? Without one any new test would fail?
> OAuth authentication doesn't work with VHost entry
> --------------------------------------------------
>
> Key: COUCHDB-1320
> URL: https://issues.apache.org/jira/browse/COUCHDB-1320
> Project: CouchDB
> Issue Type: Bug
> Components: HTTP Interface
> Affects Versions: 1.1
> Environment: Ubuntu
> Reporter: Martin Higham
>
> If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite ) trying to authenticate a request to this host using OAuth fails.
> couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path when calculating the signature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (COUCHDB-1320) OAuth authentication doesn't work
with VHost entry
Posted by "Benoit Chesneau (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13166968#comment-13166968 ]
Benoit Chesneau commented on COUCHDB-1320:
------------------------------------------
I don't remember to have time to review it though .... I like email
bump sometimes.
Also I don't see why a registry process is used here? What is the reason?
Why x-couchdb-vhost-path couldn't have been used for the oauth calculation ?
- benoît
On Sat, Dec 10, 2011 at 9:05 PM, Filipe Manana (Resolved) (JIRA)
> OAuth authentication doesn't work with VHost entry
> --------------------------------------------------
>
> Key: COUCHDB-1320
> URL: https://issues.apache.org/jira/browse/COUCHDB-1320
> Project: CouchDB
> Issue Type: Bug
> Components: HTTP Interface
> Affects Versions: 1.1
> Environment: Ubuntu
> Reporter: Martin Higham
> Assignee: Filipe Manana
> Fix For: 1.2
>
> Attachments: Fix-OAuth-that-broke-with-vhost.patch, fdmanana-0001-Fix-OAuth-authentication-with-VHosts-URL-rewriting.patch
>
>
> If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite ) trying to authenticate a request to this host using OAuth fails.
> couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path when calculating the signature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (COUCHDB-1320) OAuth authentication doesn't work
with VHost entry
Posted by "Klaus Trainer (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13146932#comment-13146932 ]
Klaus Trainer commented on COUCHDB-1320:
----------------------------------------
If you ask me, I think we should simply apply the fix for COUCHDB-1321 and hence, as a nice side effect, fix this issue as well. Independently of that, leave this issue here open until a test that provides actual proof of the fix has been applied.
I will have a look at testing the OAuth with vhost case later.
> OAuth authentication doesn't work with VHost entry
> --------------------------------------------------
>
> Key: COUCHDB-1320
> URL: https://issues.apache.org/jira/browse/COUCHDB-1320
> Project: CouchDB
> Issue Type: Bug
> Components: HTTP Interface
> Affects Versions: 1.1
> Environment: Ubuntu
> Reporter: Martin Higham
>
> If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite ) trying to authenticate a request to this host using OAuth fails.
> couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path when calculating the signature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (COUCHDB-1320) OAuth authentication doesn't work
with VHost entry
Posted by "Martin Higham (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13146881#comment-13146881 ]
Martin Higham commented on COUCHDB-1320:
----------------------------------------
Klaus's patch in COUCHDB-1321 also fixes this issue and has test cases for the rewrite condition but not the VHost condition
> OAuth authentication doesn't work with VHost entry
> --------------------------------------------------
>
> Key: COUCHDB-1320
> URL: https://issues.apache.org/jira/browse/COUCHDB-1320
> Project: CouchDB
> Issue Type: Bug
> Components: HTTP Interface
> Affects Versions: 1.1
> Environment: Ubuntu
> Reporter: Martin Higham
>
> If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite ) trying to authenticate a request to this host using OAuth fails.
> couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path when calculating the signature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (COUCHDB-1320) OAuth authentication doesn't work
with VHost entry
Posted by "Jan Lehnardt (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13157971#comment-13157971 ]
Jan Lehnardt commented on COUCHDB-1320:
---------------------------------------
The patch & tests look good to me.
> OAuth authentication doesn't work with VHost entry
> --------------------------------------------------
>
> Key: COUCHDB-1320
> URL: https://issues.apache.org/jira/browse/COUCHDB-1320
> Project: CouchDB
> Issue Type: Bug
> Components: HTTP Interface
> Affects Versions: 1.1
> Environment: Ubuntu
> Reporter: Martin Higham
> Assignee: Benoit Chesneau
> Attachments: Fix-OAuth-that-broke-with-vhost.patch, fdmanana-0001-Fix-OAuth-authentication-with-VHosts-URL-rewriting.patch
>
>
> If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite ) trying to authenticate a request to this host using OAuth fails.
> couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path when calculating the signature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (COUCHDB-1320) OAuth authentication doesn't work
with VHost entry
Posted by "Filipe Manana (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13166972#comment-13166972 ]
Filipe Manana commented on COUCHDB-1320:
----------------------------------------
"> Why x-couchdb-vhost-path couldn't have been used for the oauth calculation ?"
Not understanding your question. The changes I made to couch_httpd_oauth.erl make use of the header x-couchdb-vhost-path to compute the OAuth signature.
"nm . I am just confused by the the user_ctx thing I think. Sound
really overkill."
Overkill in which sense?
What's important is passing a user_ctx to the 2nd (post rewrite resolution) couch_httpd:handle_request_int call, so that it doesn't run all the auth handlers again. About using the process dictionary versus a new couch_httpd:handle_request_int function with an extra argument (UserCtx), I don't see any of them overkill compared to the other.
> OAuth authentication doesn't work with VHost entry
> --------------------------------------------------
>
> Key: COUCHDB-1320
> URL: https://issues.apache.org/jira/browse/COUCHDB-1320
> Project: CouchDB
> Issue Type: Bug
> Components: HTTP Interface
> Affects Versions: 1.1
> Environment: Ubuntu
> Reporter: Martin Higham
> Assignee: Filipe Manana
> Fix For: 1.2
>
> Attachments: Fix-OAuth-that-broke-with-vhost.patch, fdmanana-0001-Fix-OAuth-authentication-with-VHosts-URL-rewriting.patch
>
>
> If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite ) trying to authenticate a request to this host using OAuth fails.
> couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path when calculating the signature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Assigned] (COUCHDB-1320) OAuth authentication doesn't work
with VHost entry
Posted by "Filipe Manana (Assigned) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Filipe Manana reassigned COUCHDB-1320:
--------------------------------------
Assignee: Filipe Manana
> OAuth authentication doesn't work with VHost entry
> --------------------------------------------------
>
> Key: COUCHDB-1320
> URL: https://issues.apache.org/jira/browse/COUCHDB-1320
> Project: CouchDB
> Issue Type: Bug
> Components: HTTP Interface
> Affects Versions: 1.1
> Environment: Ubuntu
> Reporter: Martin Higham
> Assignee: Filipe Manana
> Attachments: Fix-OAuth-that-broke-with-vhost.patch
>
>
> If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite ) trying to authenticate a request to this host using OAuth fails.
> couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path when calculating the signature.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira