couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (COUCHDB-2362) Have dev/run put the same cookie secret and hashed admin password in all three nodes of dev cluster
Date Thu, 13 Nov 2014 11:36:35 GMT

    [ https://issues.apache.org/jira/browse/COUCHDB-2362?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14209625#comment-14209625
] 

ASF GitHub Bot commented on COUCHDB-2362:
-----------------------------------------

Github user candeira closed the pull request at:

    https://github.com/apache/couchdb/pull/269


> Have dev/run put the same cookie secret and hashed admin password in all three nodes
of dev cluster
> ---------------------------------------------------------------------------------------------------
>
>                 Key: COUCHDB-2362
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-2362
>             Project: CouchDB
>          Issue Type: Improvement
>      Security Level: public(Regular issues) 
>          Components: BigCouch
>            Reporter: Javier Candeira
>
> When starting a dev cluster with the --admin option:
> `dev/run -a candeira:candeira`
> the local.ini scripts get rebuilt with an extra [admin] section and the plaintext user
= password line. This means that couchdb adds the hashed password instead of replacing it.
> in addition, the admin party fix only sets the user = password line in one of the cluster's
nodes, which may create problem.
> The forthcoming patch will initialise all three nodes with the same hashed password,
as per rnewson:
> 00:27 <+rnewson> so you need to ensure that the admin is the same on all nodes
after  hashing  
> 00:28 <+rnewson> otherwise cookies won't work if you hop between nodes



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message