hpop opened a new issue, #5186:
URL: https://github.com/apache/couchdb/issues/5186

   ## Description
   When setting `require_valid_user_except_for_up` instead of `require_valid_user` in the CouchDB configuration, the system does not prompt for username and password when accessing the `_utils` endpoint. Instead, a 401 is returned: `{"error":"unauthorized","reason":"Authentication required."}`
   
   When changing the configuration back to `require_valid_user`, the basic authentication prompt appears as expected.
   
   ## Steps to Reproduce
   
   1. Set `require_valid_user_except_for_up = true` in local.ini
   2. Restart CouchDB to apply the configuration change.
   3. Attempt to access the `_utils` endpoint (e.g., `http://localhost:5984/_utils`).
   
   ## Expected Behaviour
   The `_utils` endpoint should prompt for authentication.
   
   ## Your Environment
   
   * CouchDB version used: 3.3 (Docker)
   * Browser name and version: Firefox
   * Operating system and version: macOS
   
   
   ```
   {
     "couchdb": "Welcome",
     "version": "3.3.3",
     "git_sha": "40afbcfc7",
     "uuid": "3a7f2e8d1c9b4f6e0d5a2c8b7f3e1d9a",
     "features": [
       "access-ready",
       "partitioned",
       "pluggable-storage-engines",
       "reshard",
       "scheduler"
     ],
     "vendor": {
       "name": "The Apache Software Foundation"
     }
   }
   ```
   
   local.ini
   ```
   [couchdb]
   single_node=true
   uuid = 3a7f2e8d1c9b4f6e0d5a2c8b7f3e1d9a
   
   [chttpd]
   require_valid_user_except_for_up = true
   bind_address = any
   authentication_handlers = {chttpd_auth, jwt_authentication_handler}, {chttpd_auth, cookie_authentication_handler}, {chttpd_auth, default_authentication_handler}
   enable_cors = true
   
   [jwt_keys]
   ....
   
   [jwt_auth]
   roles_claim_path = cognito:groups
   
   [couch_peruser]
   enable = true
   
   [admins]
   admin = -pbkdf2-...
   
   [cors]
   origins = *
   headers = accept, authorization, content-type, origin, referer
   credentials = true
   methods = GET, PUT, POST, HEAD, DELETE
   
   ```
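
A browser shows the Basic authentication dialog only when the 401 response carries a `WWW-Authenticate` header containing a `Basic` challenge, so that header is the thing to inspect in the response reported above. The following is an added example, not part of the original issue or of CouchDB's code: it classifies a raw response head, and the sample heads, the realm values and all function names are constructed for illustration.

```python
import re

# Constructed response heads for illustration (not captured from a CouchDB node).
BARE_401 = ("HTTP/1.1 401 Unauthorized\r\n"
            "Content-Type: application/json\r\n\r\n"
            '{"error":"unauthorized","reason":"Authentication required."}')
CHALLENGE_401 = ("HTTP/1.1 401 Unauthorized\r\n"
                 'www-authenticate: Bearer realm="a, b", Basic realm="example"\r\n'
                 "Content-Type: application/json\r\n\r\n")

# Split a header value on commas, but not on commas inside quoted strings.
_PIECE = re.compile(r'(?:[^,"]|"(?:[^"\\]|\\.)*")+')
# A piece shaped like key=value is an auth-param of the preceding challenge,
# not the start of a new challenge.
_PARAM = re.compile(r'^[^\s=",]+\s*=')


def parse_head(raw):
    """Return (status_code, [value of every WWW-Authenticate header])."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    status = int(lines[0].split()[1])
    values = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        if name.strip().lower() == "www-authenticate":  # names are case-insensitive
            values.append(value.strip())
    return status, values


def challenge_schemes(values):
    """List the auth schemes offered, in order, lower-cased."""
    schemes = []
    for value in values:
        for piece in _PIECE.findall(value):
            piece = piece.strip()
            if piece and not _PARAM.match(piece):
                schemes.append(piece.split()[0].lower())
    return schemes


def browser_would_prompt(raw):
    """True only for a 401 that offers a Basic challenge."""
    status, values = parse_head(raw)
    return status == 401 and "basic" in challenge_schemes(values)
```

Feeding it the head printed by `curl -i` against `/_utils` under each of the two settings shows whether the difference is in the challenge header rather than in the status code.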
   

