gambolputty opened a new issue #741: error "authorized" (401) when loading 
"_security"-doc
URL: https://github.com/apache/couchdb/issues/741
 
 
   Hello!
   
   I installed CouchDb 2.1.0 on my Ubuntu 16.04 machine. Somehow I cannot load 
the content of the `_security` doc without an error. I came across this issue 
after realizing that Fauxton is not displaying any "admins" or "members" on the 
"Permissions" page for a database.
   
   When I do `curl 
http://admin:my_password@my_server:5984/my_database/_security` I receive the 
same output when I open the URL in my web browser:
   
   ```
   {
     "error": "unauthorized",
     "reason": "You are not authorized to access this db.",
     "admins": {
       "names": [
         "admin"
       ]
     },
     "members": {
       "names": [
         "admin"
       ]
     }
   }
   ```
   
   * Version used: CouchDB 2.1.0
   * Browser Name and version: Chrome 60.0.31 (current stable)
   * Operating System and version: macOS Sierra 10.12.5
   
   `local.ini`:
   
   ```
   ; CouchDB Configuration Settings
   
   ; Custom settings should be made in this file. They will override settings
   ; in default.ini, but unlike changes made to default.ini, this file won't be
   ; overwritten on server upgrade.
   
   [couchdb]
   ;max_document_size = 4294967296 ; bytes
   ;os_process_timeout = 5000
   
   [couch_peruser]
   ; If enabled, couch_peruser ensures that a private per-user database
   ; exists for each document in _users. These databases are writable only
   ; by the corresponding user. Databases are in the following form:
   ; userdb-{hex encoded username}
   ;enable = true
   ; If set to true and a user is deleted, the respective database gets
   ; deleted as well.
   ;delete_dbs = true
   
   [chttpd]
   ;port = 5984
   ;bind_address = 127.0.0.1
   ; Options for the MochiWeb HTTP server.
   ;server_options = [{backlog, 128}, {acceptor_pool_size, 16}]
   ; For more socket options, consult Erlang's module 'inet' man page.
   ;socket_options = [{recbuf, 262144}, {sndbuf, 262144}, {nodelay, true}]
   
   [httpd]
   ; NOTE that this only configures the "backend" node-local port, not the
   ; "frontend" clustered port. You probably don't want to change anything in
   ; this section.
   ; Uncomment next line to trigger basic-auth popup on unauthorized requests.
   ;WWW-Authenticate = Basic realm="administrator"
   
   ; Uncomment next line to set the configuration modification whitelist. Only
   ; whitelisted values may be changed via the /_config URLs. To allow the admin
   ; to change this value over HTTP, remember to include 
{httpd,config_whitelist}
   ; itself. Excluding it from the list would require editing this file to 
update
   ; the whitelist.
   ;config_whitelist = [{httpd,config_whitelist}, {log,level}, {etc,etc}]
   
   [query_servers]
   ;nodejs = /usr/local/bin/couchjs-node /path/to/couchdb/share/server/main.js
   
   [httpd_global_handlers]
   ;_google = {couch_httpd_proxy, handle_proxy_req, <<"http://www.google.com";>>}
   
   [couch_httpd_auth]
   ; If you set this to true, you should also uncomment the WWW-Authenticate 
line
   ; above. If you don't configure a WWW-Authenticate header, CouchDB will send
   ; Basic realm="server" in order to prevent you getting logged out.
   ; require_valid_user = false
   
   [os_daemons]
   ; For any commands listed here, CouchDB will attempt to ensure that
   ; the process remains alive. Daemons should monitor their environment
   ; to know when to exit. This can most easily be accomplished by exiting
   ; when stdin is closed.
   ;foo = /path/to/command -with args
   
   [daemons]
   ; enable SSL support by uncommenting the following line and supply the PEM's 
below.
   ; the default ssl port CouchDB listens on is 6984
   ; httpsd = {chttpd, start_link, [https]}
   
   [ssl]
   ;cert_file = /full/path/to/server_cert.pem
   ;key_file = /full/path/to/server_key.pem
   ;password = somepassword
   ; set to true to validate peer certificates
   ;verify_ssl_certificates = false
   ; Set to true to fail if the client does not send a certificate. Only used 
if verify_ssl_certificates is true.
   ;fail_if_no_peer_cert = false
   ; Path to file containing PEM encoded CA certificates (trusted
   ; certificates used for verifying a peer certificate). May be omitted if
   ; you do not want to verify the peer.
   ;cacert_file = /full/path/to/cacertf
   ; The verification fun (optional) if not specified, the default
   ; verification fun will be used.
   ;verify_fun = {Module, VerifyFun}
   ; maximum peer certificate depth
   ;ssl_certificate_max_depth = 1
   ;
   ; Reject renegotiations that do not live up to RFC 5746.
   ;secure_renegotiate = true
   ; The cipher suites that should be supported.
   ; Can be specified in erlang format "{ecdhe_ecdsa,aes_128_cbc,sha256}"
   ; or in OpenSSL format "ECDHE-ECDSA-AES128-SHA256".
   ;ciphers = ["ECDHE-ECDSA-AES128-SHA256", "ECDHE-ECDSA-AES128-SHA"]
   ; The SSL/TLS versions to support
   ;tls_versions = [tlsv1, 'tlsv1.1', 'tlsv1.2']
   
   ; To enable Virtual Hosts in CouchDB, add a vhost = path directive. All 
requests to
   ; the Virual Host will be redirected to the path. In the example below all 
requests
   ; to http://example.com/ are redirected to /database.
   ; If you run CouchDB on a specific port, include the port number in the 
vhost:
   ; example.com:5984 = /database
   [vhosts]
   ;example.com = /database/
   
   [update_notification]
   ;unique notifier name=/full/path/to/exe -with "cmd line arg"
   
   ; To create an admin account uncomment the '[admins]' section below and add a
   ; line in the format 'username = password'. When you next start CouchDB, it
   ; will change the password to a hash (so that your passwords don't linger
   ; around in plain-text files). You can add more admin accounts with more
   ; 'username = password' lines. Don't forget to restart CouchDB after
   ; changing this.
   [admins]
   ;admin = mysecretpassword
   ```
 
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


With regards,
Apache Git Services

Reply via email to