So if I understand you correctly, If my sync-gateway were on https://sg.somedomain.com:4984, my authorization API would have to be on something like https://sg.somedomain.com:4984/auth?
On Monday, May 19, 2014 12:22:16 PM UTC-5, J. Chris Anderson wrote: > > > > On Saturday, May 17, 2014 6:00:48 AM UTC-7, Michael Mayer wrote: >> >> We are using cookie authentication for the sync gateway from our iOS >> application. We have written a custom authentication api that the mobile >> application calls. We authenticate the user via Active Directory in our >> enterprise and authorize them using custom logic. Once they are >> authenticated and authorized, our api calls the sync-gateway /db/_session >> api via the admin port as described in your documentation and we retrieve a >> session cookie that is sent back to the phone and stored in the >> NSHTTPCookieStorage. When the pull and push replicators are started this >> works fine as long as the replicators are pointed to the admin port, >> however it does not seem to be working when we point the replicators to the >> standard interface port. On the standard interface port we receive a >> "authentication required" message. For obvious reasons we do not want to >> expose the admin port to the world for our mobile devices to connect. Can >> you explain how to make this work on the standard port? >> > > In order for the cookie to be used, it must be set from the same origin as > the sync connections are going to. So the call from your mobile code to > your custom API, should be in a sub-path of the same domain and port as the > sync service. > > Does that help? > Chris > > > >> >> >> I noticed this quote on your Sync Gateway documentation page. Is this >> my issue? >> >>> Subsequent client requests to the gateway will now include the session >>> in a cookie, which the gateway will recognize. For the cookie to be >>> recognized, your site must be configured so that your app’s API and the >>> gateway appear on the same public host name and port. >>> >> -- You received this message because you are subscribed to the Google Groups "Couchbase Mobile" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/mobile-couchbase/ce614b16-f473-4234-afcc-8d61cfcc3e38%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
