couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From svilen>
Subject auth in url funnies
Date Fri, 22 Mar 2013 13:03:27 GMT
i am playing with the plain user:psw auth in url, and it gives funny
results. at least to me.. (couchdb 1.2.0 in latest ubuntu)

i register some user, say name=a/psw=b.

with auth:
$ curl GET http://a:b@/_users/org.couchdb.user:a 
is fine

without auth:
$ curl GET http://_users/org.couchdb.user:a 
returns 404 {"error":"not_found","reason":"missing"}

now with auth, but in browsers:
 - opera http://a:b@/_users/org.couchdb.user:a works
 - firefox http://a:b@/_users/org.couchdb.user:a warns about "server not
 needing authentication".. and strips the usr/psw yielding 404
 - iexplorer - 404 - strips unconditionaly

is this something that is expected to be so? 
maybe the error can be changed (to 401) ?

i don't know that part about the "server not needing authentication" ..
maybe something in the headers ? or some config of couch_httpd_auth ?


View raw message