Thanks Jan, both of your suggestions work as described. In case anyone else is interested, I wasn't able to suppress the authentication headers with either the Nginx directives "set_hide_header Authorization" or "set_hide_header WWW-Authenticate".
-Sam On Sun, Apr 12, 2009 at 3:32 AM, Jan Lehnardt <[email protected]> wrote: > Hi, > > I think nginx passes on auth headers and the default auth handler > in CouchDB then tries to verify it which it can't because you don't > have any admins. What works, I think, to have the same username > and password combinations for CouchDB and the upstream proxy. > > If that's no feasible, I committed the `null_authentication_handler` > that just accepts everybody. > > in your `local.ini` set: > > [httpd] > authentication_handler = {couch_httpd, null_authentication_handler} > > Note that this is available only in trunk since r762574 > > Cheers > Jan > -- > > > On 12 Apr 2009, at 07:29, Samuel Wan wrote: > >> I have also set up nginx as a reverse proxy to couchdb, and also >> encountered the second login prompt mentioned by Alex Rudyk in his >> email quoted below. The second authentication prompt looks like this: >> >> A username and password are being requested by http://<ip >> address>. The site says: "administrator" >> >> I've confirmed that the proxy works without the auth turned on (except >> for the known couch.js subdirectory URL issue). I've also confirmed >> that the default.ini and couchdb.ini files don't have admin >> username/passwords activated. >> >> Here is my nginx configuration. >> >> location /couchdb { >> rewrite /couchdb/(.*) /$1 break; >> proxy_pass http://localhost:5984; >> proxy_redirect off; >> proxy_set_header Host $host; >> proxy_set_header X-Real-IP $remote_addr; >> proxy_set_header X-Forwarded-For >> $proxy_add_x_forwarded_fo$ >> auth_basic "Restricted"; >> auth_basic_user_file htpasswd; >> } >> >> Does the auth_basic directive pass along some kind of authentication >> request to the proxied CouchDB server? It seems that the CouchDB >> authentication is getting triggered even though I haven't modified the >> local.ini or default.ini files. >> >> -Sam >> >> --------------------- >> From "Alex Rudyk" <[email protected]> >> Subject Basic auth using Nginx as proxy >> Date Mon, 12 Jan 2009 03:13:06 GMT >> >> I am trying to setup basic auth for couchdb that is proxied by Nginx. >> I setuped nginx proxy and it works very well but when I am adding basic >> auth >> for nginx it pass Nginx basic auth module, but browser show "enter user >> name >> and password" dialog once again with real "administrator" that I think is >> goes from couchdb new default_authentication_handler. My nginx realm name >> is >> "Restricted". >> Here is nginx config file: >> >> server { >> listen 8088; >> server_name couchdb; >> location / { >> proxy_pass http://127.0.0.1:5984; >> proxy_redirect off; >> proxy_set_header Port $proxy_port; >> proxy_set_header X-Real-IP $remote_addr; >> proxy_set_header X-Forwarded-For >> $proxy_add_x_forwarded_for; >> >> auth_basic "Restricted"; >> auth_basic_user_file htpasswd; >> >> } >> } >> >> Does any body have some ideas how to fix this? >> > >
