couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Robert Newson (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (COUCHDB-2343) /_config/admins/username fails on master
Date Tue, 30 Sep 2014 14:24:34 GMT

    [ https://issues.apache.org/jira/browse/COUCHDB-2343?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14153219#comment-14153219
] 

Robert Newson commented on COUCHDB-2343:
----------------------------------------

note that it's specifically that the 'salt' value is generated at each site and used in the
cookie verification. So basic auth will work, but cookie auth fails if you bounce around the
cluster.

> /_config/admins/username fails on master
> ----------------------------------------
>
>                 Key: COUCHDB-2343
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-2343
>             Project: CouchDB
>          Issue Type: Bug
>      Security Level: public(Regular issues) 
>          Components: HTTP Interface
>    Affects Versions: 2.0.0
>            Reporter: Joan Touzet
>            Priority: Blocker
>              Labels: auth
>
> In a multi-node setup, calling _config/admins/username to create an admin user fails
to correctly configure a cluster with a new administrator. This fails for two reasons:
> 1) The call is only processed on a single node, and the admin entry is not replicated
> 2) Even if the call is repeated on all nodes manually, the hashes will be different on
each node, which will cause cookie failure when attempting to authenticate via other machines.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message