couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jch...@apache.org
Subject svn commit: r979070 - in /couchdb/trunk: etc/couchdb/local.ini src/couchdb/couch_httpd.erl
Date Sun, 25 Jul 2010 17:01:37 GMT
Author: jchris
Date: Sun Jul 25 17:01:37 2010
New Revision: 979070

URL: http://svn.apache.org/viewvc?rev=979070&view=rev
Log:
send a basic-auth popup header if require_valid_user=true, to prevent lock-out

Modified:
    couchdb/trunk/etc/couchdb/local.ini
    couchdb/trunk/src/couchdb/couch_httpd.erl

Modified: couchdb/trunk/etc/couchdb/local.ini
URL: http://svn.apache.org/viewvc/couchdb/trunk/etc/couchdb/local.ini?rev=979070&r1=979069&r2=979070&view=diff
==============================================================================
--- couchdb/trunk/etc/couchdb/local.ini (original)
+++ couchdb/trunk/etc/couchdb/local.ini Sun Jul 25 17:01:37 2010
@@ -14,7 +14,9 @@
 ;WWW-Authenticate = Basic realm="administrator"
 
 [couch_httpd_auth]
-; if you set this to true, you should also uncomment the WWW-Authenticate line above
+; If you set this to true, you should also uncomment the WWW-Authenticate line
+; above. If you don't configure a WWW-Authenticate header, CouchDB will send
+; Basic realm="server" in order to prevent you getting logged out.
 ; require_valid_user = false
 
 [log]

Modified: couchdb/trunk/src/couchdb/couch_httpd.erl
URL: http://svn.apache.org/viewvc/couchdb/trunk/src/couchdb/couch_httpd.erl?rev=979070&r1=979069&r2=979070&view=diff
==============================================================================
--- couchdb/trunk/src/couchdb/couch_httpd.erl (original)
+++ couchdb/trunk/src/couchdb/couch_httpd.erl Sun Jul 25 17:01:37 2010
@@ -750,7 +750,8 @@ error_headers(#httpd{mochi_req=MochiReq}
                     AuthRedirect ->
                         case couch_config:get("couch_httpd_auth", "require_valid_user", "false")
of
                         "true" ->
-                            {Code, []};
+                            % send the browser popup header no matter what if we are require_valid_user
+                            {Code, [{"WWW-Authenticate", "Basic realm=\"server\""}]};
                         _False ->
                             % if the accept header matches html, then do the redirect. else
proceed as usual.
                             case re:run(MochiReq:get_header_value("Accept"), "html", [{capture,
none}]) of



Mime
View raw message