  1. Couchbase Server
  2. MB-21744

REST endpoint behavior change in CB 4.5.1. No authentication window when accessing /pools/default/remoteClusters endpoint via Web Client


Details

    • Bug
    • Resolution: Fixed
    • Major
    • 5.0.0
    • 4.5.0, 4.5.1
    • ns_server, RESTful-APIs
    • None
    • Couchbase Enterprise 4.5.1
    • Untriaged
    • Unknown

    Description

      Background

      In CB 4.1.1, when accessing the REST endpoint http://localhost:8091/pools/default/remoteCluster via Web client, an authentication window will pop up.

      In CB 4.5.1, when a user attempts to access the REST endpoint http://localhost:8091/pools/default/remoteCluster via Web client, no authentication window pops up.

      Problem

      CB 4.5.x introduced RBAC. It might have changed the behavior when accessing the REST endpoint `http://localhost:8091/pools/default/remoteCluster` via web client.

      In CB 4.1.x, when accessing the REST endpoint via curl with no user name and password, it returns HTTP code 401:

      * Hostname was NOT found in DNS cache
      *   Trying 127.0.0.1...
      * Connected to localhost (127.0.0.1) port 8091 (#0)
      > GET /pools/default/remoteClusters HTTP/1.1
      > User-Agent: curl/7.35.0
      > Host: localhost:8091
      > Accept: */*
      > 
      < HTTP/1.1 401 Unauthorized
      < WWW-Authenticate: Basic realm="Couchbase Server Admin / REST"
      * Server Couchbase Server is not blacklisted
      < Server: Couchbase Server
      < Pragma: no-cache
      < Date: Mon, 21 Nov 2016 18:47:35 GMT
      < Content-Length: 0
      < Cache-Control: no-cache
      < 
      * Connection #0 to host localhost left intact
      

      In CB 4.5.x, when accessing the REST endpoint via curl with no user name and password, it returns HTTP code 403:

      * Hostname was NOT found in DNS cache
      *   Trying 127.0.0.1...
      * Connected to localhost (127.0.0.1) port 8091 (#0)
      > GET /pools/default/remoteClusters HTTP/1.1
      > User-Agent: curl/7.35.0
      > Host: localhost:8091
      > Accept: */*
      > 
      < HTTP/1.1 403 Forbidden
      * Server MochiWeb/1.0 (Any of you quaids got a smint?) is not blacklisted
      < Server: MochiWeb/1.0 (Any of you quaids got a smint?)
      < Date: Mon, 21 Nov 2016 18:46:49 GMT
      < Content-Type: application/json
      < Content-Length: 120
      < 
      * Connection #0 to host localhost left intact
      {"message":"Forbidden. User needs one of the following permissions","permissions":["cluster.xdcr.remote_clusters!read"]}
      

      Steps to reproduce the problem

      1. Set up a 4.5.1 cluster
      2. Set up an XDCR to another Couchbase cluster
      3. Use a Web browser and navigate to http://localhost:8091/pools/default/remoteCluster
      4. No authentication pop-up window appears
      5. The error message below is shown:
      6. Error: {"message":"Forbidden. User needs one of the following permissions","permissions":["cluster.xdcr.remote_clusters!read"]}
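
A check for the behavior difference described above, as an added example that is not part of the original report or of Couchbase's code: it parses `curl -v` output for a request sent without credentials and reports whether the server issued a Basic challenge (which is what makes a browser prompt) or denied the request without one. The function names are hypothetical; the sample transcripts are the report's two curl outputs, trimmed to the relevant lines.

```python
import json

# The report's two `curl -v` transcripts, trimmed to the relevant lines.
CB_41X = """\
> GET /pools/default/remoteClusters HTTP/1.1
>
< HTTP/1.1 401 Unauthorized
< WWW-Authenticate: Basic realm="Couchbase Server Admin / REST"
< Content-Length: 0
<
"""
CB_45X = """\
> GET /pools/default/remoteClusters HTTP/1.1
>
< HTTP/1.1 403 Forbidden
< Content-Type: application/json
< Content-Length: 120
<
{"message":"Forbidden. User needs one of the following permissions","permissions":["cluster.xdcr.remote_clusters!read"]}
"""

def parse_curl_verbose(transcript):
    """Return (status, headers, body) from `curl -v` output."""
    status, headers, body = None, {}, []
    for line in transcript.splitlines():
        if line.startswith("< "):                  # response status line or header
            text = line[2:].strip()
            if text.startswith("HTTP/"):
                status = int(text.split()[1])
            elif ":" in text:
                name, value = text.split(":", 1)
                headers[name.strip().lower()] = value.strip()
        elif line and line[0] not in "<>*":        # assumes a JSON body, never starting with < > *
            body.append(line)
    return status, headers, "\n".join(body)

def classify_unauthenticated(transcript):
    """Classify the answer to a request that carried no credentials."""
    status, headers, body = parse_curl_verbose(transcript)
    challenge = headers.get("www-authenticate", "")
    if status == 401 and challenge.lower().startswith("basic"):
        return "challenge", []                     # browser shows its Basic auth dialog
    if status in (401, 403):                       # denied, but nothing tells the client to authenticate
        try:
            perms = json.loads(body).get("permissions", [])
        except (ValueError, AttributeError):
            perms = []
        return "denied-no-challenge", perms        # browser only renders the error body
    return "unexpected", []
```
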


          People

            ritam.sharma Ritam Sharma
            gary.wong Gary Wong (Inactive)