couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jt <>
Subject Auth failure and 401 not working on windows in 1.0.2
Date Thu, 02 Feb 2012 05:18:23 GMT
Hello everyone,

I have an intriguing and very frustrating runtime difference between two
environments running the same code.  The code is designed to logout a user
from the couchdb hosted website by first invalidating the session (following
the guidelines of the session API) and then attempting to access the root of
the site itself.
When couch returns a 401 after Auth failure we have NGINX redirect the 401
to our login page.  This code has worked (and does work) on linux running
1.0.2 for many months.  However I have a requirement to run a windows
version with couch running as a Windows Service.  I am using the 1.1.1
version of couch (referenced from the wiki), but in my windows version after
successfully submitting the session invalidator (as recommended in the
session API) I am not receiving the 401.  Instead I am receiving a 200
response and never getting to my login page even though the session is gone.

Below I have pasted the output of both logs and the content of both
configurations.  Any help or guidance that can be offered is appreciated.  I
really hope I am missing something stupid here.  ☺


Windows 7

*NGINX access Log entry for Windows running 1.1.1
* - - [01/Feb/2012:21:12:57 -0700] "DELETE /couchdb/_session
HTTP/1.1" 200 12 "https://localhost/" "Mozilla/5.0 (Windows NT 6.1; WOW64;
rv:10.0) Gecko/20100101 Firefox/10.0" "-" - - [01/Feb/2012:21:13:00 -0700] "GET / HTTP/1.1" 200 14217 "-"
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0) Gecko/20100101 Firefox/10.0"

This does NOT work because CouchDB returns a 200 after invalidating the

*CouchDB Configuration for Windows running 1.1.1
* [couchdb]
os_process_timeout = 60000

bind_address =

secret = f35362a03a502974e6adbc05db45fafe
require_valid_user = false

level = debug


view_updater = "..\..\..\..\ruby\bin\ruby.exe"

{username} = -hashed-3XXX…,3XXX…

fti = ..\..\..\..\..\Python32 ..\etc\couchdb\view_updater.rb


*NGINX access Log entry for Linux Server running 1.02
* - - [02/Feb/2012:03:39:50 +0000] "DELETE /couchdb/_session
HTTP/1.1" 200 12 "http://crlvermaster/" "Mozilla/5.0 (Macintosh; Intel Mac
OS X 10.7; rv:9.0.1) Gecko/20100101 Firefox/9.0.1" "-" - - [02/Feb/2012:03:39:50 +0000] "GET / HTTP/1.1" 401 11115 "-"
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:9.0.1) Gecko/20100101
Firefox/9.0.1" "-"

This works because CouchDB returns a 401 after invalidating the session.

*CouchDB Local.ini for Linux Server running 1.02
os_process_timeout = 60000

authentication_handlers = {couch_httpd_oauth, oauth_authentication_handler},
{couch_httpd_auth, cookie_authentication_handler}, {couch_httpd_auth,
authentication_handler =  {couch_httpd_auth, cookie_authentication_handler}


secret = a253c876139cb4550e3a12750eecc03e
require_valid_user = false
timeout = 6000


{username} = -hashed-3XXX…,3XXX…

view_updater = /etc/couchdb/view_updater.rb

fti=/usr/bin/python /usr/share/couchdb-lucene/tools/

_fti = {couch_httpd_external, handle_external_req, <<"fti">>}

View this message in context:
Sent from the CouchDB Development mailing list archive at

View raw message