On Saturday, May 17, 2014 6:00:48 AM UTC-7, Michael Mayer wrote: > > We are using cookie authentication for the sync gateway from our iOS > application. We have written a custom authentication api that the mobile > application calls. We authenticate the user via Active Directory in our > enterprise and authorize them using custom logic. Once they are > authenticated and authorized, our api calls the sync-gateway /db/_session > api via the admin port as described in your documentation and we retrieve a > session cookie that is sent back to the phone and stored in the > NSHTTPCookieStorage. When the pull and push replicators are started this > works fine as long as the replicators are pointed to the admin port, > however it does not seem to be working when we point the replicators to the > standard interface port. On the standard interface port we receive a > "authentication required" message. For obvious reasons we do not want to > expose the admin port to the world for our mobile devices to connect. Can > you explain how to make this work on the standard port? >
In order for the cookie to be used, it must be set from the same origin as the sync connections are going to. So the call from your mobile code to your custom API, should be in a sub-path of the same domain and port as the sync service. Does that help? Chris > > > I noticed this quote on your Sync Gateway documentation page. Is this my > issue? > >> Subsequent client requests to the gateway will now include the session in >> a cookie, which the gateway will recognize. For the cookie to be >> recognized, your site must be configured so that your app’s API and the >> gateway appear on the same public host name and port. >> > -- You received this message because you are subscribed to the Google Groups "Couchbase Mobile" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/mobile-couchbase/13dbb6ff-48e2-497d-b211-f2d7ecfadd67%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
