Sync Gateway Configuration for a password protected bucket

#1

Is it possible to shadow a password protected bucket in sync gateway? If not, is there anyway we can provide security to the buckets?

#2

Bucket credentials can be specified as part of the database configuration in the Sync Gateway config:
http://developer.couchbase.com/documentation/mobile/current/develop/guides/sync-gateway/configuring-sync-gateway/config-properties/index.html#database-configuration

#3

Thanks for the suggestion @adamf. We tried adding password to the sync function. But we are getting few warnings as seen below.

2016-05-06T11:12:08.675+05:30 Opening Couchbase database on http://192.168.244.247:8091
*2016-05-06T11:12:08.710+05:30 WARNING: Database “xxxx”: unable to connect to external bucket for shadowing: 502 Unable to connect to shadow bucket: No bucket named xxxx – rest.(ServerContext)._getOrAddDatabaseFromConfig() at server_context.go:793

Here is the sync function snippet:

{ “interface”: “:4984”,
“adminInterface”: “:4985”,
“persona”: {
“origin”: “http://0.0.0.0:4984/”,
“register”: true
},
“log”:[“CRUD”, “CRUD+”, “HTTP”, “HTTP+”, “Access”,“Changes”,“Changes+”, “Cache”,“REST”],
“maxFileDescriptors”:54000,
“databases”: {
“xxxx”: {
“server”:“http://192.168.244.247:8091”,
“sync”:function (doc,oldDoc) { },
“bucket”:“xxxx_Sync”,
“users”: {
“GUEST”: {
“disabled”: false,
“admin_channels”: ["*"]
}
},
“shadow” : {
“server”: “http://192.168.244.247:8091”,
“bucket”: “xxxx”
},
“password” : “passw0rd!”
} }
}

On starting the sync gateway, it says it is not able to connect to the bucket. Any help on this would be really helpful.

Note : If i remove the password protection from the bucket and start the sync, it works perfectly fine.
Couchbase Server Ver : 4.1
Sync Gateway Ver: 1.2

#4

That config is specifying the password for xxxx_Sync, but not for the shadow bucket xxxx. The shadow bucket password should be a sibling of the shadow bucket property.

#5

I did make the changes as per your suggestion. Here is my modified sync function.

{ “interface”: “:4984”,
“adminInterface”: “:4985”,
“persona”: {
“origin”: “http://0.0.0.0:4984/”,
“register”: true
},
“log”:[“CRUD”, “CRUD+”, “HTTP”, “HTTP+”, “Access”,“Changes”,“Changes+”, “Cache”,“REST”],
“maxFileDescriptors”:54000,
“databases”: {
“xxxx”: {
“server”:“http://192.168.244.247:8091”,
“sync”:`function (doc,oldDoc) {

             channel (doc.channels);
   }`,
      "bucket":"xxxx_Sync",
      "users": {
          "GUEST": {
              "disabled": false,
              "admin_channels": ["*"]
          }
      },
      "shadow" : {
          "server": "http://192.168.244.247:8091",
          "bucket": "pingingtea",
          "password" : "passw0rd!"
      }

} }
}

But I still get to see the same error.

2016-05-09T12:15:24.658+05:30 WARNING: Database “xxxx”: unable to connect to external bucket for shadowing: 502 Unable to connect to shadow bucket: No bucket named pingingtea – rest.(*ServerContext)._getOrAddDatabaseFromConfig() at server_context.go:793

Is there anything else that is missing?