*Hi Guys,*
Is it correct that *password* is not checked by Sync Gateway on custom session creation? Documentation here <http://developer.couchbase.com/mobile/develop/references/sync-gateway/admin-rest-api/session/post---db--_session-/index.html> says that we have to provide name and password, but curl -X POST http://localhost:4985/gw/_session -H "Content-Type:application/json" -d '{"name":"andrew"}' gives me valid session, w/o any password, works with wrong password too: {"session_id":"b09b4992ea0dcf648c3126bafda837d1506fd716","expires": "2015-01-22T17:46:54.112484407+01:00","cookie_name":"SyncGatewaySession"} the user was created like this: curl -X POST localhost:4985/gw/_user/ -H "Content-Type:application/json" -d '{"name":"andrew", "password":"secret"}' and this complains if I try to create user w/o password at all. -- P.S. I have the latest build from source code, master branch. Pretty standard configuration w/o guest users. -- You received this message because you are subscribed to the Google Groups "Couchbase Mobile" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/mobile-couchbase/01cb1183-399a-4d93-a5b3-1a88241c7f1d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
