Return-Path: X-Original-To: apmail-couchdb-user-archive@www.apache.org Delivered-To: apmail-couchdb-user-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id C17AC1085C for ; Tue, 23 Apr 2013 13:02:11 +0000 (UTC) Received: (qmail 5704 invoked by uid 500); 23 Apr 2013 13:02:10 -0000 Delivered-To: apmail-couchdb-user-archive@couchdb.apache.org Received: (qmail 5660 invoked by uid 500); 23 Apr 2013 13:02:10 -0000 Mailing-List: contact user-help@couchdb.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: user@couchdb.apache.org Delivered-To: mailing list user@couchdb.apache.org Received: (qmail 5640 invoked by uid 99); 23 Apr 2013 13:02:09 -0000 Received: from minotaur.apache.org (HELO minotaur.apache.org) (140.211.11.9) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 23 Apr 2013 13:02:09 +0000 Received: from localhost (HELO mail-lb0-f179.google.com) (127.0.0.1) (smtp-auth username rnewson, mechanism plain) by minotaur.apache.org (qpsmtpd/0.29) with ESMTP; Tue, 23 Apr 2013 13:02:09 +0000 Received: by mail-lb0-f179.google.com with SMTP id t1so621082lbd.38 for ; Tue, 23 Apr 2013 06:02:07 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:content-type:content-transfer-encoding; bh=JiGJLHlMmaicqG86Bh7fJzWS+qF8PRdd1csBDkuOfN4=; b=U6eNTARaXTyiWR7wcfugSStat7ZbcBetXNP6v1fAq4PTXIC5TNGlvXbzUjI9QdIGTq XSuG5hCUzFLxy7gC5BfmBYzb+CpRs9Ut9T3o70+MNeK2w/EgHhBb+USeaFAt8QinvF3o NgVVwmjMUe9SBwKsWOPWzBxjLJU6JXOdvwUqUviuvkWUq7Lw3xaz+Q9GzagzfjlJi7Iv Xvg5ejevsBpkydoXAYB8as2PTTEVaKILYide/VeLU+1a24inm4cz4LYN9MqRXegovZ5K NvfG9BzFpr02UTQtV62dJlo+uPzWYcbpidla9/h+6hcsboG5vNa9uN1rpR7YGandDHHF X+Xg== MIME-Version: 1.0 X-Received: by 10.112.199.230 with SMTP id jn6mr15315664lbc.131.1366722127038; Tue, 23 Apr 2013 06:02:07 -0700 (PDT) Received: by 10.112.168.98 with HTTP; Tue, 23 Apr 2013 06:02:06 -0700 (PDT) In-Reply-To: References: <20130423141547.7472d36e@svilendobrev.com> Date: Tue, 23 Apr 2013 14:02:06 +0100 Message-ID: Subject: Re: passwords From: Robert Newson To: "user@couchdb.apache.org" Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable I believe the fix for this is 5d4ef930 which is on master (which will be 1.4) only. specifically; - [Name, Pass] =3D re:split(NamePass, ":", [{return, list}]), + [Name, Pass] =3D re:split(NamePass, ":", [{return, list}, {parts, = 2}]), B. On 23 April 2013 13:59, Robert Newson wrote: > Ah, that's a great distinction, rings a bell! > > On 23 April 2013 13:39, Dave Cottlehuber wrote: >> On 23 April 2013 13:15, svilen wrote: >>> g'day >>> >>> i am trying to set a user with a password that is not just alphanumeric= . >>> e.g. "b:@" (or if uri-encoded, b%3A%40) >>> >>> but the result of getting the /_users/ doc is always 401-unauthorized. >>> >>> if i login in Futon, it seems to work. >>> when i compute the pasword_sha myself and compare to whats in user/doc, >>> it matches. >>> >>> but http via basic authentication won't let me in. >>> e.g. >>> curl -vX GET >>> http://auser:b%3A%40@server:5984/_users/org.couchdb.user%3Aauser >>> >>> (seems the subject is very tricky and rarely paid attention to in >>> various http libraries i looked recently. Everyone just lumps the >>> usr+":"+psw and uri-encoding/decoding is left out..) >> >> Hi Svilen, >> >> From curl, you can: >> >> curl -vX GET $COUCH -u tricky:p@sswd >> >> and leaving off the password field allows you to enter it manually or >> even echo ':p@sswd' | curl =85 >> >> or if you're POSTing I think you can also use this: >> http://curl.haxx.se/docs/manpage.html#--data-urlencode >> >> curl -d name=3Djohn --data-urlencode passwd=3D@31&3*J https://www.mysite= .com >> >> Anyway AFAICT there's a bug in CouchDB if the password starts with a `:` >> >> $COUCH=3Dhttp://admin:pwd@localhost:5984 >> >> curl -HContent-Type:application/json \ >> -vXPUT $COUCH/_users/org.couchdb.user:mrtricky \ >> --data-binary '{"_id": "org.couchdb.user:mrtricky","name": >> "mrtricky","roles": [],"type": "user","password": ":pwd"}' >> >> I would expect that I can subsequently use either curl or httpie.org, >> neither of them succeed with -u mrtricky::pwd or -u mrtricky & getting >> password from terminal. >> >> A+ >> Dave