couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From svilen ...@svilendobrev.com>
Subject Re: auth in url funnies
Date Fri, 22 Mar 2013 13:20:10 GMT
that's fine. just the error isn't very helpful..
and the browsers don't play nice.
anyway

> That's by design. In 1.2.0 you can only see your own user document.
> 
> B.
> 
> On 22 March 2013 13:03, svilen <az@svilendobrev.com> wrote:
> > g'day
> > i am playing with the plain user:psw auth in url, and it gives funny
> > results. at least to me.. (couchdb 1.2.0 in latest ubuntu)
> >
> > i register some user, say name=a/psw=b.
> >
> > with auth:
> > $ curl GET http://a:b@/_users/org.couchdb.user:a
> > is fine
> >
> > without auth:
> > $ curl GET http://_users/org.couchdb.user:a
> > returns 404 {"error":"not_found","reason":"missing"}
> >
> > now with auth, but in browsers:
> >  - opera http://a:b@/_users/org.couchdb.user:a works
> >  - firefox http://a:b@/_users/org.couchdb.user:a warns about
> > "server not needing authentication".. and strips the usr/psw
> > yielding 404
> >  - iexplorer - 404 - strips unconditionaly
> >
> > is this something that is expected to be so?
> > maybe the error can be changed (to 401) ?
> >
> > i don't know that part about the "server not needing
> > authentication" .. maybe something in the headers ? or some config
> > of couch_httpd_auth ?
> >
> > ciao
> > svilen

Mime
View raw message