Bucket passwords and N1QL

mjordan73 · September 8, 2015, 7:40am

I know there was a known issue with passworded buckets and N1QL queries in the earlier preview versions but does this limitation still exist in the RC? If not then how do you specify the password in CBQ?

Thanks

manik · September 8, 2015, 8:08am

SASL bucket passwords are supported in the RC versions. You can either specify the bucket(s) password or use the administrator password. Examples below

curl -v http://localhost:8093/query/service -d 'statement=create primary index on `beer-sample`&creds=[{"user":"local:beer-sample", "pass":"password"}]"'

curl -v http://localhost:8093/query/service -d 'statement=select * from `beer-sample` b JOIN `gamesim-sample` as d ON KEYS b.k2&creds=[{"user":"beer-sample", "pass":"password1"},{"user":"gamesim-sample","pass":"password2"}]"'

Note that this feature is not yet available via the cbq command line and only supported via the REST API or some of the N1QL SDKs such as go_n1ql.

Cheers,
Manik

mjordan73 · September 8, 2015, 8:39am

Great, thanks. I’m just hacking around in cbq trying to get a handle on the syntax for now so will just have to leave passwords off whilst i’m at that stage and checkout if the .net client supports passwords later.

whollycow007 · October 16, 2015, 11:54pm

@manik is this supported using the Python SDK?

Would you know where documentation for this? - I can’t find it

mnunberg · October 17, 2015, 6:53pm

As a means to allow backdoor options to be set, the Python client allows the use of a special method for this:
http://pythonhosted.org/couchbase/api/n1ql.html#couchbase.n1ql.N1QLQuery.set_option

Just pass the JSON {"creds":… field as a Python dict.

So in your case,

q = N1QLQuery("select * from `beer-sample` b JOIN `gamesim-sample` as d ON KEYS b.k2")
q.set_option("creds", [
  {"user":"beer-sample", "pass":"password1"},
  {"user":"gamesim-sample", "pass":"password2"}
])

“direct” support (possibly via an actual Python-level creds option) will be added in the future.

Note that the SDK will still send along the auth header, which may conflict with the provided credentials (I am not sure about the exact details about which takes precedence, but you can try it).

whollycow007 · October 22, 2015, 9:02pm

Thanks!

According to this page: http://pythonhosted.org/couchbase/api/n1ql.html

“Warning At the time of writing, N1QL is still an experimental feature. As such, both the server-side API as well as the client API are subject to change.”

Could you help with letting me know whats likely to change? I could potentially write our own wrappers around the N1QL REST API but would much rather just use the Python SDK. Would basic commands like N1QLQuery change format?

Is there any more documentation that that page around the SDK and Python?

mnunberg · October 23, 2015, 4:33pm

It’s just old documentation from the pre-4.x release. The API should now be considered stable.

chrisva · November 3, 2015, 3:33pm

Is there a solution to make password on bucket work with .NET client and N1QL queries? I get error every time.