couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jason Smith (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (COUCHDB-1356) POST _session responds with name: null if _admin user and no _users doc present
Date Wed, 07 Dec 2011 07:18:40 GMT

    [ https://issues.apache.org/jira/browse/COUCHDB-1356?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13164200#comment-13164200
] 

Jason Smith commented on COUCHDB-1356:
--------------------------------------

Hi, Johannes. I believe the userCtx.name value indicates the name of the document in the _users
database, or `null` to indicate no corresponding document. Thus, CouchDB is communicating
that this request is authorized but not to any specific user on the server. (Something similar
happens if you have an /etc/passwd, NIS, or LDAP error; or if you remove a Unix user and look
at their old files. User and group ownership will be indicated by the underlying integer.
Both the type and value communicate information.)

CouchDB also uses null to indicate that it is in Admin Party mode. If you query /_session
without authorization data, the name will be null. If the roles include "_admin", then Admin
Party mode is active.
                
> POST _session responds with name: null if _admin user and no _users doc present
> -------------------------------------------------------------------------------
>
>                 Key: COUCHDB-1356
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-1356
>             Project: CouchDB
>          Issue Type: Bug
>    Affects Versions: 1.1.1
>            Reporter: Johannes J. Schmidt
>            Priority: Minor
>
> When logging in with admin credentials (and no corresponding _users doc, if that is important),
the response of the POST to _session has the name property set to null:
>   {"ok":true,"name":null,"roles":["_admin"]}
> It should be the name of the admin instead, like it does when logging in with a standard
user:
>   {"ok":true,"name":"standarduser","roles":[]}
> Requesting the _session object after logging in with an admin, the name is proper set:
> {"ok":true,"userCtx":{"name":"adminuser","roles":["_admin"]},"info":{"authentication_db":"_users","authentication_handlers":["oauth","cookie","default"],"authenticated":"cookie"}}
> Johannes

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message