incubator-couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jt <jtho...@42Six.com>
Subject Auth failure and 401 not working on windows in 1.0.2
Date Thu, 02 Feb 2012 05:18:23 GMT
Hello everyone,

I have an intriguing and very frustrating runtime difference between two
environments running the same code.  The code is designed to logout a user
from the couchdb hosted website by first invalidating the session (following
the guidelines of the session API) and then attempting to access the root of
the site itself.
When couch returns a 401 after Auth failure we have NGINX redirect the 401
to our login page.  This code has worked (and does work) on linux running
1.0.2 for many months.  However I have a requirement to run a windows
version with couch running as a Windows Service.  I am using the 1.1.1
version of couch (referenced from the wiki), but in my windows version after
successfully submitting the session invalidator (as recommended in the
session API) I am not receiving the 401.  Instead I am receiving a 200
response and never getting to my login page even though the session is gone.

Below I have pasted the output of both logs and the content of both
configurations.  Any help or guidance that can be offered is appreciated.  I
really hope I am missing something stupid here.  ☺


Thanks, 
Jt


Windows 7

*NGINX access Log entry for Windows running 1.1.1
*127.0.0.1 - - [01/Feb/2012:21:12:57 -0700] "DELETE /couchdb/_session
HTTP/1.1" 200 12 "https://localhost/" "Mozilla/5.0 (Windows NT 6.1; WOW64;
rv:10.0) Gecko/20100101 Firefox/10.0" "-"
127.0.0.1 - - [01/Feb/2012:21:13:00 -0700] "GET / HTTP/1.1" 200 14217 "-"
"Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0) Gecko/20100101 Firefox/10.0"
"-"

This does NOT work because CouchDB returns a 200 after invalidating the
session.

*CouchDB Configuration for Windows running 1.1.1
* [couchdb]
os_process_timeout = 60000

[httpd]
bind_address = 0.0.0.0

[couch_httpd_auth]
secret = f35362a03a502974e6adbc05db45fafe
require_valid_user = false

[log]
level = debug

[vhosts]

[update_notification]
view_updater = "..\..\..\..\ruby\bin\ruby.exe"
"..\etc\couchdb\view_updater.rb"

 [admins]
{username} = -hashed-3XXX…,3XXX…

[external]
fti = ..\..\..\..\..\Python32 ..\etc\couchdb\view_updater.rb


Linux


*NGINX access Log entry for Linux Server running 1.02
*10.1.11.29 - - [02/Feb/2012:03:39:50 +0000] "DELETE /couchdb/_session
HTTP/1.1" 200 12 "http://crlvermaster/" "Mozilla/5.0 (Macintosh; Intel Mac
OS X 10.7; rv:9.0.1) Gecko/20100101 Firefox/9.0.1" "-"
10.1.11.29 - - [02/Feb/2012:03:39:50 +0000] "GET / HTTP/1.1" 401 11115 "-"
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:9.0.1) Gecko/20100101
Firefox/9.0.1" "-"

This works because CouchDB returns a 401 after invalidating the session.

*CouchDB Local.ini for Linux Server running 1.02
*[couchdb]
os_process_timeout = 60000

[httpd]
authentication_handlers = {couch_httpd_oauth, oauth_authentication_handler},
{couch_httpd_auth, cookie_authentication_handler}, {couch_httpd_auth,
default_authentication_handler}
authentication_handler =  {couch_httpd_auth, cookie_authentication_handler}

[log]

[couch_httpd_auth]
secret = a253c876139cb4550e3a12750eecc03e
require_valid_user = false
timeout = 6000

[vhosts]


[admins]
{username} = -hashed-3XXX…,3XXX…

[update_notification]
view_updater = /etc/couchdb/view_updater.rb

[external]
fti=/usr/bin/python /usr/share/couchdb-lucene/tools/couchdb-external-hook.py

[httpd_db_handlers]
_fti = {couch_httpd_external, handle_external_req, <<"fti">>}


--
View this message in context: http://couchdb-development.1959287.n2.nabble.com/Auth-failure-and-401-not-working-on-windows-in-1-0-2-tp7245802p7245802.html
Sent from the CouchDB Development mailing list archive at Nabble.com.

Mime
View raw message