Return-Path: 
 <user-return-8809-apmail-couchdb-user-archive=couchdb.apache.org@couchdb.apache.org>
Delivered-To: apmail-couchdb-user-archive@www.apache.org
Received: (qmail 54807 invoked from network); 17 Feb 2010 00:54:07 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3)
  by minotaur.apache.org with SMTP; 17 Feb 2010 00:54:07 -0000
Received: (qmail 57622 invoked by uid 500); 17 Feb 2010 00:54:05 -0000
Delivered-To: apmail-couchdb-user-archive@couchdb.apache.org
Received: (qmail 57535 invoked by uid 500); 17 Feb 2010 00:54:05 -0000
Mailing-List: contact user-help@couchdb.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:user-help@couchdb.apache.org>
List-Unsubscribe: <mailto:user-unsubscribe@couchdb.apache.org>
List-Post: <mailto:user@couchdb.apache.org>
List-Id: <user.couchdb.apache.org>
Reply-To: user@couchdb.apache.org
Delivered-To: mailing list user@couchdb.apache.org
Received: (qmail 57525 invoked by uid 99); 17 Feb 2010 00:54:05 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 17 Feb 2010 00:54:05 +0000
X-ASF-Spam-Status: No, hits=1.5 required=10.0
	tests=NORMAL_HTTP_TO_IP,SPF_PASS,WEIRD_PORT
X-Spam-Check-By: apache.org
Received-SPF: pass (athena.apache.org: domain of skippy.hammond@gmail.com
 designates 209.85.210.190 as permitted sender)
Received: from [209.85.210.190] (HELO mail-yx0-f190.google.com)
 (209.85.210.190)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 17 Feb 2010 00:53:54 +0000
Received: by yxe28 with SMTP id 28so3420379yxe.29
        for <user@couchdb.apache.org>; Tue, 16 Feb 2010 16:53:33 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:received:received:message-id:date:from:reply-to
         :user-agent:mime-version:to:cc:subject:references:in-reply-to
         :content-type:content-transfer-encoding;
        bh=rNcIDg8siHp5OoJQy63jWrop3OHpySixiM73WImuBUo=;
        b=Vys5Q5eO5fqH2oketxsnzWx3xgi0ZjwWlywoGT3yjEqdxumMKij4vrMdsZFpK4B2kc
         ZLpLO8k87Oqjhq+NARRoCmGL/qy/5JPwZYzAkkD8WdEC83G16sWGfV7Bxz5DDI9AV2Fd
         AcsD7iOC15IWDCyfBJ23X/DiIdyFQcZ7fVI9A=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=message-id:date:from:reply-to:user-agent:mime-version:to:cc:subject
         :references:in-reply-to:content-type:content-transfer-encoding;
        b=e04Sfl8cto0/VdEpNSbGAn0/HeKUVxYAj5od4rwCjMts9FqYxiRatywP96xz9AzBsN
         4xhsd5EmxuN2nR8aUG6/WzjcdpdYxh/P7QRlwkoxm8PAbK5aw55+SBVzaP66IynA8mrF
         F1lS607Lq7nXH73w7cozkmW2BJBaoUR2w3Pd8=
Received: by 10.101.131.3 with SMTP id i3mr4566508ann.83.1266368013526;
        Tue, 16 Feb 2010 16:53:33 -0800 (PST)
Received: from ?192.168.0.9? (ppp118-209-160-223.lns20.mel6.internode.on.net
 [118.209.160.223])
        by mx.google.com with ESMTPS id 35sm2957629yxh.51.2010.02.16.16.53.31
        (version=TLSv1/SSLv3 cipher=RC4-MD5);
        Tue, 16 Feb 2010 16:53:32 -0800 (PST)
Message-ID: <4B7B3DC7.9070706@gmail.com>
Date: Wed, 17 Feb 2010 11:52:23 +1100
From: Mark Hammond <skippy.hammond@gmail.com>
Reply-To: mhammond@skippinet.com.au
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US;
 rv:1.9.1.7) Gecko/20100111 Lightning/1.0b1 Thunderbird/3.0.1
MIME-Version: 1.0
To: user@couchdb.apache.org
CC: Brian Candler <B.Candler@pobox.com>
Subject: Re: Couchdb and futon authentication on trunk (910404)
References: <4B7A3596.7010503@gmail.com>
 <20100216093559.GA5483@uk.tiscali.com>
In-Reply-To: <20100216093559.GA5483@uk.tiscali.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

On 16/02/2010 8:35 PM, Brian Candler wrote:
> On Tue, Feb 16, 2010 at 05:05:10PM +1100, Patrick Barnes wrote:
>> - In admin party mode, when offered authentication details couchdb
>> and futon will complain. (from memory, I think the error was
>> {"error":"unauthorized","reason":"Name or password is incorrect."})
>
> Correct:
>
> $ curl -v http://admin:admin@127.0.0.1:5984/
> * About to connect() to 127.0.0.1 port 5984 (#0)
> *   Trying 127.0.0.1... connected
> * Connected to 127.0.0.1 (127.0.0.1) port 5984 (#0)
> * Server auth using Basic with user 'admin'
>> GET / HTTP/1.1
>> Authorization: Basic YWRtaW46YWRtaW4=
>> User-Agent: curl/7.18.0 (i486-pc-linux-gnu) libcurl/7.18.0 OpenSSL/0.9.8g
> * zlib/1.2.3.3 libidn/1.1
>> Host: 127.0.0.1:5984
>> Accept: */*
>>
> <  HTTP/1.1 401 Unauthorized
> <  Server: CouchDB/0.11.0be18ea3db-git (Erlang OTP/R12B)
> <  Date: Tue, 16 Feb 2010 09:31:57 GMT
> <  Content-Type: text/plain;charset=utf-8
> <  Content-Length: 67
> <  Cache-Control: must-revalidate
> <
> {"error":"unauthorized","reason":"Name or password is incorrect."}
> * Connection #0 to host 127.0.0.1 left intact
> * Closing connection #0
>
> I'd have thought that a browser would then prompt the user for new
> credentials.

IIUC, some browsers will only attempt to use the auth schemes in the 
www-authenticate header.  In the example above, such browsers wouldn't 
consider http basic auth was acceptable, so wouldn't prompt.

Cheers,

Mark