CouchDB’s always has the problem/feature that by default it returns 401 responses without the required “WWW-Authenticate” header. This pretty much disables HTTP Basic auth since the client doesn’t know what kind of auth to use or what realm to look up credentials for. Fortunately you can add a “WWW-Authenticate” key to the [httpd] section of the config file to enable this response header.
This no longer seems to be working in CouchDB 1.4. When the server starts up it lowercases the key name, turning it into “www-authenticate”, which isn’t recognized. Worse, it _rewrites_ the config file with the incorrect name. The only way to set this config value properly is to do it at runtime via Futon or the REST _config API, but the change doesn’t persist, so it has to be done after every launch. I filed COUCHDB-1479 on this a year+ ago, but it’s gotten worse with 1.4. It used to be that you could hand-edit the config file with the uppercase key and it would persist; but in 1.4 it immediately gets lowercased. Any ideas on whether there’s a way to work around this? —Jens
