Details
-
Bug
-
Resolution: Fixed
-
Major
-
4.5.0, 4.5.1
-
None
-
Couchbase Enterprise 4.5.1
-
Untriaged
-
Unknown
Description
Background
In CB 4.1.1, when accessing the REST endpoint http://localhost:8091/pools/default/remoteCluster via Web client, an authentication window will pop up.
In CB 4.5.1, when user attempt to access the REST endpoint http://localhost:8091/pools/default/remoteCluster via Web client, no authentication pop up
Problem
CB 4.5.x introduced RBAC. It might have changed the behavior when REST endpoint via web client `http://localhost:8091/pools/default/remoteCluster`
In CB 4.1.x, when accessing the REST endpoint via Curl with no user name and password. It return HTTP code 401
* Hostname was NOT found in DNS cache
|
* Trying 127.0.0.1... |
* Connected to localhost (127.0.0.1) port 8091 (#0) |
> GET /pools/default/remoteClusters HTTP/1.1 |
> User-Agent: curl/7.35.0 |
> Host: localhost:8091 |
> Accept: */*
|
>
|
< HTTP/1.1 401 Unauthorized |
< WWW-Authenticate: Basic realm="Couchbase Server Admin / REST" |
* Server Couchbase Server is not blacklisted
|
< Server: Couchbase Server
|
< Pragma: no-cache
|
< Date: Mon, 21 Nov 2016 18:47:35 GMT |
< Content-Length: 0 |
< Cache-Control: no-cache
|
<
|
* Connection #0 to host localhost left intact |
In CB 4.5.x, when accessing the REST endpoint via Curl with no user name and password. It return HTTP code 403
* Hostname was NOT found in DNS cache
|
* Trying 127.0.0.1... |
* Connected to localhost (127.0.0.1) port 8091 (#0) |
> GET /pools/default/remoteClusters HTTP/1.1 |
> User-Agent: curl/7.35.0 |
> Host: localhost:8091 |
> Accept: */*
|
>
|
< HTTP/1.1 403 Forbidden |
* Server MochiWeb/1.0 (Any of you quaids got a smint?) is not blacklisted |
< Server: MochiWeb/1.0 (Any of you quaids got a smint?) |
< Date: Mon, 21 Nov 2016 18:46:49 GMT |
< Content-Type: application/json
|
< Content-Length: 120 |
<
|
* Connection #0 to host localhost left intact |
{"message":"Forbidden. User needs one of the following permissions","permissions":["cluster.xdcr.remote_clusters!read"]} |
Step to reproduce the problem
- Setup a 4.5.1 clsuter
- Setup a XDCR to another Couchbase Cluster
- Use a Web Browser and navigate to http://localhost:8091/pools/default/remoteCluster
- * No Authentication pop up windows
- Shows error message below:
- Error: {"message":"Forbidden. User needs one of the following permissions","permissions":["cluster.xdcr.remote_clusters!read"]}