Setting up authentication for clusters/ buckets


#1

Using couchnode, the example shows that to access a bucket you just do :
var couchbase = require(‘couchbase’);
var myCluster = new couchbase.Cluster(‘serverIP:8091’);

This is not secure because anyone who has the server IP can connect to Couchbase.
Coming from mysql, I would set a user and password for the database on the server, then I would have to give a username and password in the client.
Could you explain, or point me to docs where it is explained, how to set a password for clusters/buckets in couchbase server, and then how to access them in couchnode? Thanks


#2

Hi,

Yes, we do provide username/password for Admin and you can also set SASL password for buckets.
Please refer to the following documentation:
http://docs.couchbase.com/4.0/admin/security/security-intro.html

If you are using 3.0, there’s the link:
http://docs.couchbase.com/admin/admin/Concepts/security-intro.html

Thanks,
Qi


#3

Thanks.

After looking in the docs I found that I can do var myBucket = myCluster.openBucket(‘default’, ‘password’);
I set the password in the admin by connecting to serverIP:8091 and pasting a random password in the Access Control of the bucket. No clue about the username though.

I could connect to the bucket yesterday with password set but today I get the error “'cannot perform operations on a shutdown bucket”. I don('t understand because it was working yesterday.

Also, this shows me how to restrict access to a bucket, but how to restrict access to a cluster?


#4

Hi,

The ‘default’ named bucket is special in Couchbase, and a password cannot be set for it.

If you are using default, can you try connecting without a password?

Thanks,
Don

Product Manager, Couchbase Server


#5

Hi,

Here are some sample code that can help you set up username/password for cluster:
var couchbaseInstances = new List() { new Uri(“http://localhost:8091/pools”) };
var config = new ClientConfiguration()
{
ViewRequestTimeout = 45000,
Servers = couchbaseInstances,
PoolConfiguration = new PoolConfiguration { MinSize = 10, MaxSize = 10 }
};
var cluster = new Cluster(config);
var clusterManager = cluster.CreateManager(userName, password);
var result = clusterManager.CreateBucket(bucketName);

During cluster initialization, you can use web console or CLI to set up username/password for cluster.
Doc for CLI tool: http://docs.couchbase.com/admin/admin/CLI/CBcli/cbcli-servers.html

Here are doc about couchnode:
http://docs.couchbase.com/developer/node-2.0/introduction.html

Thanks,
Qi


#6

No I created a different bucket that I named different than ‘default’. In my previous message I had just copy-pasted the example from the docs.

It was not working, but then I re-went to the admin panel and re-saved the password in the bucket edit modal, and now it’s working again. Is it possible that if I access couchbase server from different clients, they could have a different default username or something?

Is there also a username to access the bucket, or just the password? Chrome tried to save the password with username “4200”.


#7

Hi,

In Couchbase, we don’t have bucket users. Applications authenticate to Couchbase buckets using the bucket name and password.

Is it possible that if I access couchbase server from different clients, they could have a different default username or something?
Unless they are connecting to different buckets, the applications will use same bucketname and password.

Is there also a username to access the bucket, or just the password? Chrome tried to save the password with username “4200”.
There is no username as there are no bucket users. It’s just the bucketname and password.

Can you describe more about the scenario when you say “Chrome tried to save the password with username 4200”? Is this when logging into the cluster, or accessing the buckets. If you can provide some screenshots, that will help here.

Thanks,
D


#8

It happens when saving the password for the bucket in the bucket edit modal.