couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marcello Nuccio <marcello.nuc...@gmail.com>
Subject Re: Bug parsing Accept header?
Date Fri, 17 Jun 2011 15:32:25 GMT
2011/6/17 Robert Newson <robert.newson@gmail.com>:
> Hi Marcello,
>
> The current logic for CouchDB 1.1.0 is this;
>
> 1) If the client accepts "application/json" then respond with 401 and
> content-type "application/json" (i.e, a normal HTTP/REST response.
> 2) if the client accepts "text/html" then respond with a 302 to the
> authentication_redirect url.
>
> This is from couch_httpd:error_headers/4.

I have responded here:
https://issues.apache.org/jira/browse/COUCHDB-1175?focusedCommentId=13051132&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-13051132


> I'll note that Futon does not produce login popups under the
> conditions you describe but perhaps I failed to reproduce your test
> scenario (in Firefox 4.0.1, anyway).

Did you setup a security object with "admins" and "readers" for the DB?

If you are not logged in, Futon should display an alert with:

    Error: unauthorized
    You are not authorized to access this db.

This is the same behaviour as CouchDB-1.0.

The problem is when you try to access a couchapp in the protected DB.
Since you are not redirected to a login page, you get stuck with a
access denied error.

Hope I have been clear... my English is very basic... sorry.

Marcello

Mime
View raw message