incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Newson <rnew...@apache.org>
Subject Re: passwords
Date Tue, 23 Apr 2013 12:10:09 GMT
Hm, I made an admin 'foo' with password 'foo:bar' just fine (on master
branch, but this hasn't changed since those fixes I think).
B.

On 23 April 2013 12:43, svilen <az@svilendobrev.com> wrote:
> so there is an issue about it
> https://issues.apache.org/jira/browse/COUCHDB-969
>
> which says "resolved", but looking at 1.2.0 sources - couch_httpd_auth/
> basic_name_pw, i don't see any special case (or test). (although i cannot read Erlang
well)
>
> i tested with passwords like "//" and "@@", seems to work. So it's only
> ':' that is the trouble as in the issue above.
>
> ciao
> svilen
>
> On Tue, 23 Apr 2013 14:15:47 +0300
> svilen <az@svilendobrev.com> wrote:
>
>> g'day
>>
>> i am trying to set a user with a password that is not just
>> alphanumeric. e.g. "b:@" (or if uri-encoded, b%3A%40)
>>
>> but the result of getting the /_users/ doc is always 401-unauthorized.
>>
>> if i login in Futon, it seems to work.
>> when i compute the pasword_sha myself and compare to whats in
>> user/doc, it matches.
>>
>> but http via basic authentication won't let me in.
>> e.g.
>> curl -vX GET
>> http://auser:b%3A%40@server:5984/_users/org.couchdb.user%3Aauser
>>
>> (seems the subject is very tricky and rarely paid attention to in
>> various http libraries i looked recently. Everyone just lumps the
>> usr+":"+psw and uri-encoding/decoding is left out..)
>>
>> any idea of what can be the problem?
>> what is Futon using so i can check the source?
>>
>> ciao
>> svilen

Mime
View raw message