ricellis edited a comment on issue #1947: Cookie-only, no-basic-auth "require_valid_user=true" (except for /_session) URL: https://github.com/apache/couchdb/issues/1947#issuecomment-553396870 It would be good to have this fix, it is really unexpected that you are required to submit the same auth details twice (as a header and in the body) to get a session cookie when `require_valid_user=true`. Given https://github.com/apache/couchdb/issues/1550 - with this change the replicator would also stop falling back to Basic auth when `require_valid_user=true`. That would be beneficial in cases where the PBKDF2 iterations are configured strongly and the session cookie has performance advantages over checking the basic creds on each request. EDIT: it seems perhaps I misunderstood the fallback behaviour in the replicator, but regardless this would be a lot less burdensome if `POST _session` "just worked" when the body had the correct creds.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
