On Sun, Sep 13, 2009 at 10:59 AM, Debasish Ghosh <[email protected]> wrote: > On Sun, Sep 13, 2009 at 11:16 PM, Chris Anderson <[email protected]> wrote: > >> On Sun, Sep 13, 2009 at 1:31 AM, Debasish Ghosh >> <[email protected]> wrote: >> > I think I am doing something wrong. Would appreciate any help on this ... >> > In my local.ini, I have set up the following : >> > >> > [admins] >> > [jchris = secretpass >> > >> > [httpd] >> > authentication_handlers = {couch_httpd, default_authentication_handler} >> > >> > and I create a database using >> > >> > curl -vX PUT http://jchris:secretp...@localhost:5984/albums >> > >> > I get : {ok, true} >> > >> > How do I get the _session handler that you have mentioned ? Doing a .. >> > >> > $ curl http://jchris:mysecretpassw...@localhost:5984/_session >> > >> >> this "just works" for me. I'm not sure about cookie etc... I just give >> my creds on the curl line and _session gives me back the userCtx. >> > >>> creds on the curl line means as u have mentioned .. >>> $ curl http://jchris:mysecretpassw...@localhost:5984/_session ? >>> hmm .. doesn't work for me :( .. It gives me something like "illegal > database name" on _session .. >>> I am using an April snapshot of 0.10. I will try switching to a more > recent snapshot .. >>> Will u mind sharing the local.ini & default.ini ? >
I'm currently on trunk using make dev && utils/run, my password line is: jchris = -hashed-7d882376727dadb528a9e4b160809f46674157fb,32ba977823a5e7a4d978b2139149706a > >> I'm running from couchdb trunk but I think anything in the 0.10.x >> branch should work for this. >> >> > obviously doesn't work, since I have not set anything in the session and >> it >> > gives me an error. You have mentioned in the mail "when you are >> > properly logged in". Do I have to handle user login myself through some >> > pluggable login module ? I think I am missing something here. Help! >> > >> > Thanks. >> > - Debasish >> > >> > On Sun, Sep 13, 2009 at 10:46 AM, Chris Anderson <[email protected]> >> wrote: >> > >> >> On Sat, Sep 12, 2009 at 7:47 AM, Debasish Ghosh >> >> <[email protected]> wrote: >> >> > Hi - >> >> > >> >> > The validation function validate_doc_update takes 3 parameters, >> newdoc, >> >> > olddoc and userContext. I am trying to get my head into how the >> >> > authentication and authorization stuff is related to this. The CouchDB >> >> book >> >> > has the following code snippet in 7.2.4 Authorship section .. >> >> > function(newDoc, oldDoc, userCtx) { >> >> > if (newDoc.author) { >> >> > enforce(newDoc.author == userCtx.author, >> >> > "You may only update documents with author " + userCtx.author); >> >> > } >> >> > } >> >> > >> >> > In my linux environment, when I run CouchDB validation functions with >> a >> >> > user-id and password setup in local.ini under [admins], I get the >> >> following >> >> > as the contents of the third parameter of the validation function :- >> >> > >> >> > {"db" : "test", "name" : null, "roles" : []} >> >> > >> >> > In the above snippet from the book there appears to be a field >> >> > userCtx.author. Just wondering how to get it here and why I am not >> seeing >> >> it >> >> > in my output. >> >> > >> >> >> >> heh, thanks for the catch.. It should read: >> >> >> >> enforce(newDoc.author == userCtx.name >> >> >> >> > Also any pointer on the security, authentication and authorization >> part >> >> will >> >> > be appreciated. >> >> > >> >> >> >> I'm not sure, but you should be getting more when you are properly >> >> logged in -- this is worth investigating more. What do you get for >> >> this?: >> >> >> >> $ curl http://jchris:mysecretpassw...@localhost:5984/_session >> >> {"ok":true,"name":"jchris","roles":["_admin"]} >> >> >> >> >> >> > Thanks in advance .. >> >> > - Debasish >> >> > >> >> >> >> >> >> >> >> -- >> >> Chris Anderson >> >> http://jchrisa.net >> >> http://couch.io >> >> >> > >> >> >> >> -- >> Chris Anderson >> http://jchrisa.net >> http://couch.io >> > -- Chris Anderson http://jchrisa.net http://couch.io
