search

nlight-jdev / jcouchdb

Automatically exported from code.google.com/p/jcouchdb
Other
0 stars 0 forks source link

ServerImpl needs to use pre-emptive HTTP authentication to connect to a secured CouchDB instance #73

Open GoogleCodeExporter opened 8 years ago

GoogleCodeExporter commented 8 years ago 
What steps will reproduce the problem?
1. Set up CouchDB instance with server admins
2. Attempt to create a new database using JCouchDB API:
   Database db = new Database("localhost", 5984, "mydb");
   AuthScope authScope = new AuthScope("localhost", 5984);
   Credentials credentials = new UsernamePasswordCredentials("me", "password");
   db.getServer().setCredentials(authScope, credentials);
   db.getServer().createDatabase(db.getName());

What is the expected output? What do you see instead?
Database "mydb" should be created if it doesn't already exist. Instead, we get 
an error with code 302.

What version of the product are you using? On what operating system?
1.0.1-1 on Windows (ugh)

Please provide any additional information below.
CouchDB returns a HTTP code 302 redirect if it doesn't receive BASIC 
authentication and redirection is supported by the client (CouchDB redirects to 
a login page with the message that "you're not a server admin"). HttpClient 
however only sends authentication when it gets a 401 back from the server, 
therefore authentication never happens.

ServerImpl.getHttpClient() can be modified to add in a request interceptor to 
pre-emptively send authentication to CouchDB. See the following for an example: 
http://hc.apache.org/httpcomponents-client-ga/httpclient/examples/org/apache/htt
p/examples/client/ClientPreemptiveBasicAuthentication.java

Original issue reported on code.google.com by sidney.s...@gmail.com on 20 Jan 2011 at 11:27

GoogleCodeExporter commented 8 years ago 
I'm also failing to create a database on CouchDB 1.1.0 (Linux) but WireShark 
tells me I'm receiving plenty of 401 responses.  I never see the Authorization 
header set at all.

Original comment by smoye...@gmail.com on 3 Aug 2011 at 3:57

GoogleCodeExporter commented 8 years ago 
I'm having the same issue:

Authorization: Basic xxx

is missing in the header!! Credentials and AuthScope are set!

Original comment by scara...@gmail.com on 13 Sep 2011 at 1:52

GoogleCodeExporter commented 8 years ago 
Same thing here. Fix would be great...

Original comment by js.cedar...@gmail.com on 11 Oct 2011 at 9:11

GoogleCodeExporter commented 8 years ago 
This is fixed by editing default.ini and rebooting CouchDB:

; Uncomment next line to trigger basic-auth popup on unauthorized requests.
WWW-Authenticate = Basic realm="administrator"

Original comment by bjmo...@gmail.com on 22 Apr 2012 at 10:30