couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Lehnardt <...@apache.org>
Subject Re: auth using Nginx as proxy
Date Sun, 12 Apr 2009 10:32:50 GMT
Hi,

I think nginx passes on auth headers and the default auth handler
in CouchDB then tries to verify it which it can't because you don't
have any admins. What works, I think, to have the same username
and password combinations for CouchDB and the upstream proxy.

If that's no feasible, I committed the `null_authentication_handler`
that just accepts everybody.

in your `local.ini` set:

[httpd]
authentication_handler = {couch_httpd, null_authentication_handler}

Note that this is available only in trunk since r762574

Cheers
Jan
--


On 12 Apr 2009, at 07:29, Samuel Wan wrote:

> I have also set up nginx as a reverse proxy to couchdb, and also
> encountered the second login prompt mentioned by Alex Rudyk in his
> email quoted below. The second authentication prompt looks like this:
>
>       A username and password are being requested by http://<ip
> address>. The site says: "administrator"
>
> I've confirmed that the proxy works without the auth turned on (except
> for the known couch.js subdirectory URL issue). I've also confirmed
> that the default.ini and couchdb.ini files don't have admin
> username/passwords activated.
>
> Here is my nginx configuration.
>
>        location /couchdb {
>                rewrite /couchdb/(.*) /$1 break;
>                proxy_pass http://localhost:5984;
>                proxy_redirect     off;
>                proxy_set_header   Host             $host;
>                proxy_set_header   X-Real-IP        $remote_addr;
>                proxy_set_header   X-Forwarded-For   
> $proxy_add_x_forwarded_fo$
>                auth_basic "Restricted";
>                auth_basic_user_file htpasswd;
>        }
>
> Does the auth_basic directive pass along some kind of authentication
> request to the proxied CouchDB server? It seems that the CouchDB
> authentication is getting triggered even though I haven't modified the
> local.ini or default.ini files.
>
> -Sam
>
> ---------------------
> From	"Alex Rudyk" <alex.ru...@gmail.com>
> Subject	Basic auth using Nginx as proxy
> Date	Mon, 12 Jan 2009 03:13:06 GMT
>
> I am trying to setup basic auth for couchdb that is proxied by Nginx.
> I setuped nginx proxy and it works very well but when I am adding  
> basic auth
> for nginx it pass Nginx basic auth module, but browser show "enter  
> user name
> and password" dialog once again with real "administrator" that I  
> think is
> goes from couchdb new default_authentication_handler. My nginx realm  
> name is
> "Restricted".
> Here is nginx config file:
>
> server {
>      listen        8088;
>    server_name   couchdb;
>      location / {
>        proxy_pass http://127.0.0.1:5984;
>                proxy_redirect off;
>                proxy_set_header   Port             $proxy_port;
>                proxy_set_header   X-Real-IP        $remote_addr;
>                proxy_set_header   X-Forwarded-For
> $proxy_add_x_forwarded_for;
>
>        auth_basic            "Restricted";
>                auth_basic_user_file  htpasswd;
>
>        }
> }
>
> Does any body have some ideas how to fix this?
>


Mime
View raw message