couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Randall Leeds (Commented) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (COUCHDB-1320) OAuth authentication doesn't work with VHost entry
Date Mon, 12 Dec 2011 09:54:31 GMT

    [ https://issues.apache.org/jira/browse/COUCHDB-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13167437#comment-13167437
] 

Randall Leeds commented on COUCHDB-1320:
----------------------------------------

Rather than rely on authenticate_request using the user_ctx that's already present and doing
the trick you have committed, could we instead refactor couch_http to authenticate before
the vhost dispatch and rewrite? Most of handle_request_int seems like it doesn't need to run
again after a rewrite. Maybe it should have #http passed in and we could lift most of this
up to handle_request. Then we don't have to fiddle with the user_ctx and we do less duplicate
work after rewriting.
                
> OAuth authentication doesn't work with VHost entry
> --------------------------------------------------
>
>                 Key: COUCHDB-1320
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-1320
>             Project: CouchDB
>          Issue Type: Bug
>          Components: HTTP Interface
>    Affects Versions: 1.1
>         Environment: Ubuntu
>            Reporter: Martin Higham
>            Assignee: Filipe Manana
>             Fix For: 1.2
>
>         Attachments: Fix-OAuth-that-broke-with-vhost.patch, fdmanana-0001-Fix-OAuth-authentication-with-VHosts-URL-rewriting.patch
>
>
> If you have a vhost entry that modifies the path (such as my host.com = /mainDB/_design/main/_rewrite
) trying to authenticate a request to this host using OAuth fails.
> couch_httpd_oauth uses the modified path rather than the original x-couchdb-vhost-path
when calculating the signature.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

        

Mime
View raw message