9

I'm having issues with the users I've created being able to actually submit anything into the DB I've listed them under. I've followed the steps listed here (Creating regular users in CouchDB) and reviewed countless pages of documentation trying to sort this out. (Ex: http://wiki.apache.org/couchdb/Security_Features_Overview).

I'm using v1.5 and trying to set the user "testAdmin" as the admin for the "test" DB. superadmin, in this is my admin account created through the futon interface.

If I check the security document I can see my permissions there that should allow the testAdmin user to access the DB:

curl -X GET http://superadmin:1234@localhost:5984/test/_security

response:

   { 
      "admins": 
         { "names":["testAdmin"],
           "roles":[]
         },
      "readers":
         { "names":["testUser"],
           "roles":[]
         }
    }

Then if I run this, I get "You are not a server admin."

curl -X PUT http://testAdmin:5678@localhost:5984/test/ -d '{"abc": "def"}'

response:

{"error":"unauthorized","reason":"You are not a server admin."}

I've tried switching the user to a reader, I've also tried using the other user I've created that's currently listed as reader, and I keep encountering the same error.

Edit: I'm able to log in to Futon with the users I've created just fine, and their permissions all appear to be working fine within Futon, but I'm still unable to use curl successfully.

Community
  • 1
  • 1
user3488253
  • 93
  • 1
  • 1
  • 4
  • Just to be sure: are you aware that you didn't need any user creation to start using CouchDB? – Aurélien Bénel Apr 02 '14 at 08:49
  • Could you specify what you intend to do? Who could do what on what? – Aurélien Bénel Apr 02 '14 at 09:02
  • 1
    The official documentation on version 1.5 is [here](http://docs.couchdb.org/en/1.5.x/). Several parts could be interesting for your problem ([security](http://docs.couchdb.org/en/1.5.x/intro/security.html), [update validation](http://docs.couchdb.org/en/1.5.x/couchapp/ddocs.html#vdufun), [authentication and authorization](http://docs.couchdb.org/en/1.5.x/config/auth.html)). – Aurélien Bénel Apr 02 '14 at 09:05

4 Answers4

8

You're trying to create a database instead of creating a document. If you want to create document without predefined ID - use POST request instead.

Kxepal
  • 4,659
  • 1
  • 19
  • 16
7

Using

curl

curl -u USER:PASS -X PUT "http://host:port/db_target" -d '{...}'

This may have been the resolution to the initial question.

aphorise
  • 354
  • 2
  • 4
5

It's worth adding that Fauxton often "forgets" its authentication if you leave it open and doesn't realize it, failing in odd ways until you reload the page and it realizes you need to log in again.

Short story shorter I was having a similar problem and just needed to re-authenticate to resolve it.

devios1
  • 36,899
  • 45
  • 162
  • 260
  • I think the session timeout can be adjusted with [this configuration](http://docs.couchdb.org/en/2.1.1/config/auth.html#couch_httpd_auth/timeout "timeout") – Megidd Apr 11 '18 at 17:38
0

@Kxepal has already solved the problem. So just to make it clear this is what is happening.

You have a superadmin who in couchdb terms is a server admin and can do anything. He/She can create databases, delete them, get any document etc.

Then you have other users who have privileges assigned to them by you. So when you created that _security document what you did was tell couchdb that dbadmin was the administrator of the database and dbreader was a member of the database. From futon this is the definition of admin and members

Database admins can update design documents and edit the admin and member lists.

Database members can access the database. If no members are defined, the database is public.

Once you define an admin or a member your database ceases to be public. Only users with sufficient privileges can access them.

With your request as @Kxepal pointed out you tried to create a database. A database admin can't create a database. That right belongs to the server admin, in your case superadmin.

Community
  • 1
  • 1
Akshat Jiwan Sharma
  • 15,430
  • 13
  • 50
  • 60