N1QL and passworded buckets

.net
security
n1ql

#1

I’m trying to use the 2.2 client against a passworded bucket to submit a N1QL query.

string query = "SELECT * FROM `MyBucketName` WHERE something = 'somevalue'";
var queryRequest = new QueryRequest(query);
queryRequest.AddCredentials("MyBucketName", "MyBucketPassword", false);
var queryResult = bucket.Query<MyModel>(queryRequest);

The Errors collection on the query result then contains a single entry with code 1070

creds has to be of type array of { user, pass }

I’ve also tried substituting the credentials for the admin login for the couchbase box into the AddCredentials method (with the third parameter set to true) and get the same result.

Any suggestions where i’m going wrong here?


#2

@mjordan73

So, I haven’t tried to reproduce this locally yet. But I have a quick guess. Have you altered the default serialization settings for Json.Net using JsonConvert.DefaultSettings? If so, this could be altering the way the credentials are being serialized to the server for the QueryRequest. They are currently being serialized as a List with two properties, user and pass, and a call to JsonConvert.Serialize.

Brant


#3

No, not mucked about with serialisation at all.

CoucbaseNetClient version is 2.2.1 by the way, forgot to precisely state the version in my original post.


#4

@mjordan73 -

It looks like a bug, I can recreate and not sure if it’s a server or a client issue ATM. If you remove the client credentials and auth against the bucket when you open it, it looks the query will succeed though.

-Jeff


#5

Yeah, i’d double-checked the rest of the query/code was valid against an unsecured bucket. At least you’ve managed to reproduce it and I look forward to the fix. Thanks for looking into it.

EDIT: And if I might be a bit cheeky, it’d be REALLY useful if someone could add passworded bucket support to the nbq command line tool :wink:


#6

When I try to perform a N1QL query by providing the authorization to the bucket when I open it, I avoid the “creds has to be of type array of { user, pass }” error, but instead receive the following error:

Authorization Failed Keyspace ...

As such, I’m not quite clear I understand the suggested workaround. How do I perform a query against a password-protected bucket using the .NET SDK? Performing the query against the REST API works OK.

Thank you.


#7

@dhalls -

There is a patch available here: https://issues.couchbase.com/browse/NCBC-1039. This does not support AddCredentials which is a server bug and will be fixed in a future server release.

The patch is on top of 2.2.2 and has not been through any QA process, so use at your own risk :wink:

The official release will be 2.2.3 due the first week of January.

-Jeff


#8

Jeff - This is perfect. Thanks much for your help. I’m up and running with the patched version and it’s working great.