couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Hammond <skippy.hamm...@gmail.com>
Subject Re: Couchdb and futon authentication on trunk (910404)
Date Wed, 17 Feb 2010 00:52:23 GMT
On 16/02/2010 8:35 PM, Brian Candler wrote:
> On Tue, Feb 16, 2010 at 05:05:10PM +1100, Patrick Barnes wrote:
>> - In admin party mode, when offered authentication details couchdb
>> and futon will complain. (from memory, I think the error was
>> {"error":"unauthorized","reason":"Name or password is incorrect."})
>
> Correct:
>
> $ curl -v http://admin:admin@127.0.0.1:5984/
> * About to connect() to 127.0.0.1 port 5984 (#0)
> *   Trying 127.0.0.1... connected
> * Connected to 127.0.0.1 (127.0.0.1) port 5984 (#0)
> * Server auth using Basic with user 'admin'
>> GET / HTTP/1.1
>> Authorization: Basic YWRtaW46YWRtaW4=
>> User-Agent: curl/7.18.0 (i486-pc-linux-gnu) libcurl/7.18.0 OpenSSL/0.9.8g
> * zlib/1.2.3.3 libidn/1.1
>> Host: 127.0.0.1:5984
>> Accept: */*
>>
> <  HTTP/1.1 401 Unauthorized
> <  Server: CouchDB/0.11.0be18ea3db-git (Erlang OTP/R12B)
> <  Date: Tue, 16 Feb 2010 09:31:57 GMT
> <  Content-Type: text/plain;charset=utf-8
> <  Content-Length: 67
> <  Cache-Control: must-revalidate
> <
> {"error":"unauthorized","reason":"Name or password is incorrect."}
> * Connection #0 to host 127.0.0.1 left intact
> * Closing connection #0
>
> I'd have thought that a browser would then prompt the user for new
> credentials.

IIUC, some browsers will only attempt to use the auth schemes in the 
www-authenticate header.  In the example above, such browsers wouldn't 
consider http basic auth was acceptable, so wouldn't prompt.

Cheers,

Mark

Mime
View raw message