On Monday, March 2, 2015 at 5:55:30 PM UTC+1, Jens Alfke wrote: > > > On Mar 2, 2015, at 3:19 AM, Pascal <[email protected] <javascript:>> > wrote: > > Interestingly, it does NOT work when I specify username/password, but > works if I don't specify anything and have sync-gateway and server running > on the same machine. I guess I'm still not understanding how authentication > between the two works. > > > Could you give more detail? >
I'm installing both server and sync gateway on the same machine, standard ports. I just realized that accessing localhost:8091 does NOT prompt to enter username/password, but accessing from my VM's host machine does. So that makes sense. Still, adding "username" and "password" to the sync gateway's configuration throws an error when starting sync gateway: 20:48:36.376695 Enabling logging: [REST] 20:48:36.377534 ==== Couchbase Sync Gateway/1.0.3(81;fa9a6e7) ==== 20:48:36.377845 Opening db /mydb as bucket "mydb", pool "default", server <http://localhost:8091> 20:48:36.378092 Opening Couchbase database mydb on <http://localhost:8091> as user "admin" 20:48:36.440077 WARNING: Error from Incr in _reserveSequences(0): MCResponse status=0x20, opcode=SASL_AUTH, opaque=0, msg: Auth failure -- db.(*sequenceAllocator)._reserveSequences() at sequence_allocator.go:59 20:48:36.440498 FATAL: Error opening database: MCResponse status=0x20, opcode=SASL_AUTH, opaque=0, msg: Auth failure -- rest.RunServer() at config.go:415 Since it works without specifying username/password and since this is secure because it only works locally all is well and I'm satisfied. I just tried to understand how sync gateway would talk to a non-local Couchbase server. Is that not something people do? > About “running on the same machine” — by default, for security reasons, > the admin port (4985) is only accessible on the loopback interface, not > over a network. This is done by giving it the address “127.0.0.1:4985”, > since 127.0.0.1 is the loopback interface. If you want it > network-accessible, change the address to e.g. just “:4985”. But only do > this if the host running SG is on a secure network! > Yes, thanks, I don't think I'll need that. I was confused about the server's admin access, not the gateway's. Thanks a lot for your patience Pascal -- You received this message because you are subscribed to the Google Groups "Couchbase Mobile" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/mobile-couchbase/f2088fab-d90b-499e-8a31-f1a65a064ca2%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
