Return-Path: Delivered-To: apmail-incubator-couchdb-dev-archive@locus.apache.org Received: (qmail 51839 invoked from network); 22 Oct 2008 17:13:55 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 22 Oct 2008 17:13:55 -0000 Received: (qmail 52716 invoked by uid 500); 22 Oct 2008 17:13:58 -0000 Delivered-To: apmail-incubator-couchdb-dev-archive@incubator.apache.org Received: (qmail 52481 invoked by uid 500); 22 Oct 2008 17:13:58 -0000 Mailing-List: contact couchdb-dev-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: couchdb-dev@incubator.apache.org Delivered-To: mailing list couchdb-dev@incubator.apache.org Received: (qmail 52470 invoked by uid 99); 22 Oct 2008 17:13:57 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 22 Oct 2008 10:13:57 -0700 X-ASF-Spam-Status: No, hits=-0.0 required=10.0 tests=SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: local policy) Received: from [68.142.237.123] (HELO n10.bullet.re3.yahoo.com) (68.142.237.123) by apache.org (qpsmtpd/0.29) with SMTP; Wed, 22 Oct 2008 17:12:46 +0000 Received: from [68.142.230.29] by n10.bullet.re3.yahoo.com with NNFMP; 22 Oct 2008 17:13:24 -0000 Received: from [216.252.111.169] by t2.bullet.re2.yahoo.com with NNFMP; 22 Oct 2008 17:13:24 -0000 Received: from [127.0.0.1] by omp104.mail.re3.yahoo.com with NNFMP; 22 Oct 2008 17:13:24 -0000 X-Yahoo-Newman-Id: 425108.86508.bm@omp104.mail.re3.yahoo.com Received: (qmail 66819 invoked from network); 22 Oct 2008 17:13:24 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Received:X-YMail-OSG:X-Yahoo-Newman-Property:Message-Id:From:To:Content-Type:Content-Transfer-Encoding:Mime-Version:Subject:Date:X-Mailer; b=JGk8as9PSdfgfU0HkwHGUizBWKzVOY/vwsSXbBwogBxAa7GqZbY3O4vw4HRE2bf+78x3nkz7YgUyDnA77cP46MDzfOikoPd+D+DLqKcSeaqmMjSFieY4BInutq7ND9HDpy+lGN6L6mpTEkGelvg578xO29/XIVHlasGpL2dpP5M= ; Received: from unknown (HELO ?192.168.1.200?) (damien_katz@96.33.90.152 with plain) by smtp108.plus.mail.re1.yahoo.com with SMTP; 22 Oct 2008 17:13:23 -0000 X-YMail-OSG: nKRBsqYVM1lMsdJSjOvmtk9QzYxd.uMIfn4_FokqOr9slus6N9.C6aA4ORP8gAZXUP4U7vB6bFiwuo8.7dSvPcvP5a858kz1P7orEOef_R4VVO4XuM7fbEqmlbsu6PX_JrCBbKORHQjlQxDizDV44Fv2e9WAdKDRw2vgUg-- X-Yahoo-Newman-Property: ymail-3 Message-Id: From: Damien Katz To: couchdb-dev@incubator.apache.org Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (Apple Message framework v929.2) Subject: new CouchDB feature: Admin accounts Date: Wed, 22 Oct 2008 13:13:22 -0400 X-Mailer: Apple Mail (2.929.2) X-Virus-Checked: Checked by ClamAV on apache.org I checked a new feature, Admin accounts. Admin accounts are used for perform admin restricted actions like creating/deleting databases and altering the configuration settings. If there are no admin accounts for a server, then admin checking is turned off and anyone can perform admin actions. The admin checking uses HTTP basic authentication, we'll need to eventually support SSL to make this secure or support a more secure authentication standard. When the user attempts to perform an Admin action, the browser checks the user supplied credentials and sees it if matches any admin account. If not, a 401 Unauthorized error is returned and the HTTP client can resubmit with proper credentials. When the credentials match, the action is allowed to proceed. To turning admin checking on, in the local.ini file, you add an accounts section, with user name/password pairs, like this: [admins] admin = password damien katz = foo /end When CouchDB starts it will find these new passwords and then hash them: [admins] admin = -hashed- d6bdc9039b19e41051eb1b94ea8ef905b1a11e2e ,b53ce4e92ad24ad8fc14feadb58d8b60 damien katz = - hashed -2f3e9eea97e44b2bb09b56d3b1d66a41f0a74be2,6c37137b479369759e8dc591573b0599 /end The hashed password line consists first of "-hashed-" then 2 hexadecimal encoded numbers separated by a comma, the 160 bit sha hashed password + salt 160 bit sha hash, and then the 128 bit salt (a UUID): user name = -hashed-%160bit hashed value%,%128 bit salt% So the only restrictions on passwords is they shouldn't start with "- hashed-" and can't contain newlines. Once a password is hashed, to change it, reset the password via the HTTP config api, CouchDB will then automatically hash the password without restarting. Or edit it by hand by deleting the old hashed value (everything after the "=") and enter in the new password. Then restart the server. Problems/Caveats: To run the test suite against a server with admin accounts enabled requires the user to have admin access. There is a known problem in Futon with Safari, maybe other browsers, where it doesn't prompt the user for credentials, it just fails the HTTP request. In Firefox when the tests start to run and the HTTP client gets the first failure, the user is asked by the browser for his user name and password, the request automatically retried and all the tests pass without incident. But in Safari, the tests simply fail with 401 errors and the user is never prompted for credentials. A workaround is to do something to force the browser to "log-in" by trying to view config values, or create a new database. Once logged in like that, the tests will pass just fine on Safari. We maybe need to force the log-ins at the beginning of the tests, or provide a Log-in button somewhere in Futon. Feedback please. -Damien