CouchDB / COUCHDB-1356

POST _session responds with name: null if _admin user and no _users doc present

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 1.1.1, 2.0.0, 1.6.1
    • Fix Version/s: 2.0.0
    • Component/s: None
    • Labels:
      None

      Description

      When logging in with admin credentials (and no corresponding _users doc, if that is important), the response of the POST to _session has the name property set to null:

      {"ok":true,"name":null,"roles":["_admin"]}

      It should be the name of the admin instead, like it does when logging in with a standard user:

      {"ok":true,"name":"standarduser","roles":[]}

      Requesting the _session object after logging in with an admin, the name is properly set:

      {"ok":true,"userCtx":{"name":"adminuser","roles":["_admin"]},"info":{"authentication_db":"_users","authentication_handlers":["oauth","cookie","default"],"authenticated":"cookie"}}

      Johannes

        Activity

        jhs Jason Smith added a comment -

        Hi, Johannes. I believe the userCtx.name value indicates the name of the document in the _users database, or `null` to indicate no corresponding document. Thus, CouchDB is communicating that this request is authorized but not to any specific user on the server. (Something similar happens if you have an /etc/passwd, NIS, or LDAP error; or if you remove a Unix user and look at their old files. User and group ownership will be indicated by the underlying integer. Both the type and value communicate information.)

        CouchDB also uses null to indicate that it is in Admin Party mode. If you query /_session without authorization data, the name will be null. If the roles include "_admin", then Admin Party mode is active.

        jjs Johannes J. Schmidt added a comment -

        But then why is the name not null when issuing a GET request to _session like I mentioned above?
        I believe the POST response should be according to the GET response.

        Btw. the couch I query is not in Admin Party mode.

        breathevalue Ben Cohen added a comment -

        I see the same issue in version 1.3.1.

        I post the document

        {"name": "admin", "password": "adminpass"}

        to _session to log in and receive the reply:

        {"ok":true,"name":null,"roles":["_admin"]}

        A subsequent GET to _session shows that I have logged in as the correct user.

        {"ok":true,"userCtx":{"name":"admin","roles":["_admin"]},"info":{"authentication_db":"_users","authentication_handlers":["oauth","cookie","default"],"authenticated":"cookie"}}

        githubbot ASF GitHub Bot added a comment -

        GitHub user robertkowalski opened a pull request:

        https://github.com/apache/couchdb-couch/pull/16

        Return username on POST to /_session

        When logging in with admin credentials and no user doc is
        present, the name was `null`. Example:

        `{"ok":true,"name":null,"roles":["_admin"]}`

        closes COUCHDB-1356

        You can merge this pull request into a Git repository by running:

        $ git pull https://github.com/robertkowalski/couchdb-couch COUCHDB-1356-auth-session

        Alternatively you can review and apply these changes as the patch at:

        https://github.com/apache/couchdb-couch/pull/16.patch

        To close this pull request, make a commit to your master/trunk branch
        with (at least) the following in the commit message:

        This closes #16


        commit e109ff8f2be5f3ea1ae221279975c9e1ef75b851
        Author: Robert Kowalski <rok@kowalski.gd>
        Date: 2014-11-23T15:34:58Z

        Return username on POST to /_session

        When logging in with admin credentials and no user doc is
        present, the name was `null`. Example:

        `{"ok":true,"name":null,"roles":["_admin"]}`

        closes COUCHDB-1356


        jira-bot ASF subversion and git services added a comment -

        Commit f6a34da73b0b1c3552b77afa037c9ae287237f87 in couchdb-couch's branch refs/heads/master from Robert Kowalski
        [ https://git-wip-us.apache.org/repos/asf?p=couchdb-couch.git;h=f6a34da ]

        Return username on POST to /_session

        When logging in with admin credentials and no user doc is
        present, the name was `null`. Example:

        `{"ok":true,"name":null,"roles":["_admin"]}`

        closes COUCHDB-1356

        githubbot ASF GitHub Bot added a comment -

        Github user asfgit closed the pull request at:

        https://github.com/apache/couchdb-couch/pull/16

        jira-bot ASF subversion and git services added a comment -

        Commit 53dcb010623b2b6672f1cf379906b800ab1e53a8 in couchdb's branch refs/heads/1.x.x from Robert Kowalski
        [ https://gitbox.apache.org/repos/asf?p=couchdb.git;h=53dcb01 ]

        Return username on POST to /_session

        When logging in with admin credentials and no user doc is
        present, the name was `null`. Example:

        `{"ok":true,"name":null,"roles":["_admin"]}`

        closes COUCHDB-1356
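
The behaviour reported in this issue and the Admin Party check described in Jason Smith's comment, as an added example that is not part of the original thread or of CouchDB's code. The function names and sample bodies are assumptions; the bodies are constructed from the responses quoted above, and fetching them over HTTP is left to the caller.

```javascript
// Added example, not CouchDB code. Sample bodies are constructed from the
// responses quoted in this issue.
const POST_ADMIN = { ok: true, name: null, roles: ["_admin"] };
const GET_ADMIN = { ok: true, userCtx: { name: "adminuser", roles: ["_admin"] } };
const GET_NO_CREDENTIALS = { ok: true, userCtx: { name: null, roles: ["_admin"] } };

// Classify the parsed body of GET /_session.
// "admin-party" follows the rule in the thread: a null name together with the
// "_admin" role. It is only meaningful when the request was sent without
// credentials or a session cookie.
function classifySession(getBody) {
  const ctx = (getBody && getBody.userCtx) || {};
  const roles = Array.isArray(ctx.roles) ? ctx.roles : [];
  const isAdmin = roles.includes("_admin");
  if (typeof ctx.name !== "string") {
    return isAdmin ? "admin-party" : "anonymous";
  }
  return isAdmin ? "admin" : "user";
}

// Resolve the logged-in name after POST /_session.
// On the affected versions the POST body carries name:null for an admin
// without a _users doc, so fall back to userCtx.name from a follow-up
// GET /_session made with the new session cookie.
function resolveLoginName(postBody, getBody) {
  if (!postBody || postBody.ok !== true) {
    throw new Error("login was not successful");
  }
  if (typeof postBody.name === "string") {
    return postBody.name;
  }
  const ctx = (getBody && getBody.userCtx) || {};
  return typeof ctx.name === "string" ? ctx.name : null;
}

console.log(classifySession(GET_NO_CREDENTIALS));
console.log(classifySession(GET_ADMIN));
console.log(resolveLoginName(POST_ADMIN, GET_ADMIN));
```
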


          People

          • Assignee:
            robertkowalski Robert Kowalski
            Reporter:
            jjs Johannes J. Schmidt