Return-Path: Delivered-To: apmail-couchdb-user-archive@www.apache.org Received: (qmail 86095 invoked from network); 12 Apr 2009 06:30:01 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3) by minotaur.apache.org with SMTP; 12 Apr 2009 06:30:01 -0000 Received: (qmail 50702 invoked by uid 500); 12 Apr 2009 06:29:59 -0000 Delivered-To: apmail-couchdb-user-archive@couchdb.apache.org Received: (qmail 50606 invoked by uid 500); 12 Apr 2009 06:29:58 -0000 Mailing-List: contact user-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@couchdb.apache.org Delivered-To: mailing list user@couchdb.apache.org Received: (qmail 50596 invoked by uid 99); 12 Apr 2009 06:29:58 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 12 Apr 2009 06:29:58 +0000 X-ASF-Spam-Status: No, hits=2.7 required=10.0 tests=NORMAL_HTTP_TO_IP,SPF_NEUTRAL,WEIRD_PORT X-Spam-Check-By: apache.org Received-SPF: neutral (athena.apache.org: local policy) Received: from [209.85.200.172] (HELO wf-out-1314.google.com) (209.85.200.172) by apache.org (qpsmtpd/0.29) with ESMTP; Sun, 12 Apr 2009 06:29:51 +0000 Received: by wf-out-1314.google.com with SMTP id 28so1849315wfa.29 for ; Sat, 11 Apr 2009 23:29:28 -0700 (PDT) MIME-Version: 1.0 Received: by 10.142.78.10 with SMTP id a10mr2074320wfb.345.1239517768886; Sat, 11 Apr 2009 23:29:28 -0700 (PDT) Date: Sat, 11 Apr 2009 23:29:28 -0700 Message-ID: <1d3db2990904112329h11eee7a4j8c2c029b8a4c9bec@mail.gmail.com> Subject: auth using Nginx as proxy From: Samuel Wan To: user@couchdb.apache.org Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org I have also set up nginx as a reverse proxy to couchdb, and also encountered the second login prompt mentioned by Alex Rudyk in his email quoted below. The second authentication prompt looks like this: A username and password are being requested by http://. The site says: "administrator" I've confirmed that the proxy works without the auth turned on (except for the known couch.js subdirectory URL issue). I've also confirmed that the default.ini and couchdb.ini files don't have admin username/passwords activated. Here is my nginx configuration. location /couchdb { rewrite /couchdb/(.*) /$1 break; proxy_pass http://localhost:5984; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_fo$ auth_basic "Restricted"; auth_basic_user_file htpasswd; } Does the auth_basic directive pass along some kind of authentication request to the proxied CouchDB server? It seems that the CouchDB authentication is getting triggered even though I haven't modified the local.ini or default.ini files. -Sam --------------------- From "Alex Rudyk" Subject Basic auth using Nginx as proxy Date Mon, 12 Jan 2009 03:13:06 GMT I am trying to setup basic auth for couchdb that is proxied by Nginx. I setuped nginx proxy and it works very well but when I am adding basic auth for nginx it pass Nginx basic auth module, but browser show "enter user name and password" dialog once again with real "administrator" that I think is goes from couchdb new default_authentication_handler. My nginx realm name is "Restricted". Here is nginx config file: server { listen 8088; server_name couchdb; location / { proxy_pass http://127.0.0.1:5984; proxy_redirect off; proxy_set_header Port $proxy_port; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; auth_basic "Restricted"; auth_basic_user_file htpasswd; } } Does any body have some ideas how to fix this?