Well that makes sense. I have a ebuild here for getting the trunk version installed.Think I'll just wait for 0.10 and use ssh tunnels for now.
Thanks Chris :) On Tue, May 5, 2009 at 1:39 PM, Chris Anderson <[email protected]> wrote: > On Mon, May 4, 2009 at 8:03 PM, Nicholas Orr <[email protected]> > wrote: > > > I don't see why I'd need to make the change in local.ini that is being > > suggested as I don't want any auth at all on couchdb. I did make the > change > > to see what happens > > > > [httpd] bind_address = 209.x.76.x authentication_handler = {couch_httpd, > > null_authentication_handler} > > > > response I got was: {"error":"unknown_error","reason":"undef"} > > This looks like you are using a version of CouchDB prior to the > addition of the null_authentication_handler. > > null_authentication_handler is designed for use with nginx in this > configuration. the simplest option is to upgrade couchdb to latest > trunk. > > if you can't do that for some reason you'll need to try something > else, like perhaps preventing nginx from forwarding the headers. > > good luck! > > > > > So that doesn't work anyway. > > > > Right now the only way I see being able to connect to 127.0.0.1:5984 is > via > > a ssh tunnel - which works - however it is not ideal. > > > > You guys that claim to have nginx proxy to couchdb - are you then using a > > user/pass everywhere (in code running on localhost)? I don't want to do > that > > and seems entirely possible. Must be more nginx params to specify to > achieve > > it.. > > > > Nick > > > > On Mon, Apr 13, 2009 at 9:37 AM, Samuel Wan <[email protected]> wrote: > > > >> Thanks Jan, both of your suggestions work as described. > >> > >> In case anyone else is interested, I wasn't able to suppress the > >> authentication headers with either the Nginx directives > >> "set_hide_header Authorization" or "set_hide_header WWW-Authenticate". > >> > >> -Sam > >> > >> On Sun, Apr 12, 2009 at 3:32 AM, Jan Lehnardt <[email protected]> wrote: > >> > Hi, > >> > > >> > I think nginx passes on auth headers and the default auth handler > >> > in CouchDB then tries to verify it which it can't because you don't > >> > have any admins. What works, I think, to have the same username > >> > and password combinations for CouchDB and the upstream proxy. > >> > > >> > If that's no feasible, I committed the `null_authentication_handler` > >> > that just accepts everybody. > >> > > >> > in your `local.ini` set: > >> > > >> > [httpd] > >> > authentication_handler = {couch_httpd, null_authentication_handler} > >> > > >> > Note that this is available only in trunk since r762574 > >> > > >> > Cheers > >> > Jan > >> > -- > >> > > >> > > >> > On 12 Apr 2009, at 07:29, Samuel Wan wrote: > >> > > >> >> I have also set up nginx as a reverse proxy to couchdb, and also > >> >> encountered the second login prompt mentioned by Alex Rudyk in his > >> >> email quoted below. The second authentication prompt looks like this: > >> >> > >> >> A username and password are being requested by http://<ip > >> >> address>. The site says: "administrator" > >> >> > >> >> I've confirmed that the proxy works without the auth turned on > (except > >> >> for the known couch.js subdirectory URL issue). I've also confirmed > >> >> that the default.ini and couchdb.ini files don't have admin > >> >> username/passwords activated. > >> >> > >> >> Here is my nginx configuration. > >> >> > >> >> location /couchdb { > >> >> rewrite /couchdb/(.*) /$1 break; > >> >> proxy_pass http://localhost:5984; > >> >> proxy_redirect off; > >> >> proxy_set_header Host $host; > >> >> proxy_set_header X-Real-IP $remote_addr; > >> >> proxy_set_header X-Forwarded-For > >> >> $proxy_add_x_forwarded_fo$ > >> >> auth_basic "Restricted"; > >> >> auth_basic_user_file htpasswd; > >> >> } > >> >> > >> >> Does the auth_basic directive pass along some kind of authentication > >> >> request to the proxied CouchDB server? It seems that the CouchDB > >> >> authentication is getting triggered even though I haven't modified > the > >> >> local.ini or default.ini files. > >> >> > >> >> -Sam > >> >> > >> >> --------------------- > >> >> From "Alex Rudyk" <[email protected]> > >> >> Subject Basic auth using Nginx as proxy > >> >> Date Mon, 12 Jan 2009 03:13:06 GMT > >> >> > >> >> I am trying to setup basic auth for couchdb that is proxied by Nginx. > >> >> I setuped nginx proxy and it works very well but when I am adding > basic > >> >> auth > >> >> for nginx it pass Nginx basic auth module, but browser show "enter > user > >> >> name > >> >> and password" dialog once again with real "administrator" that I > think > >> is > >> >> goes from couchdb new default_authentication_handler. My nginx realm > >> name > >> >> is > >> >> "Restricted". > >> >> Here is nginx config file: > >> >> > >> >> server { > >> >> listen 8088; > >> >> server_name couchdb; > >> >> location / { > >> >> proxy_pass http://127.0.0.1:5984; > >> >> proxy_redirect off; > >> >> proxy_set_header Port $proxy_port; > >> >> proxy_set_header X-Real-IP $remote_addr; > >> >> proxy_set_header X-Forwarded-For > >> >> $proxy_add_x_forwarded_for; > >> >> > >> >> auth_basic "Restricted"; > >> >> auth_basic_user_file htpasswd; > >> >> > >> >> } > >> >> } > >> >> > >> >> Does any body have some ideas how to fix this? > >> >> > >> > > >> > > >> > > > > > > -- > Chris Anderson > http://jchrisa.net > http://couch.io >
