Updating to sync gateway 1.1 gives error status: 401


#1

-After updating to sync gateway 1.1. when we access it via android couchbase lite 1.1.0 or ios couchbase lite getting following error

error status: 401 for http://xxxxx:4984/db/_session. Reason: Unauthorized
07-11 04:41:29.827 26475-26632/? E/Sync﹕ com.couchbase.lite.replicator.ReplicationInternal$4@285f487d: Session check failed
org.apache.http.client.HttpResponseException: Unauthorized

  • I can also see the same error in sync logs

–> 401 Invalid login (0.2 ms)
2015-07-11T19:09:11.788+05:30 HTTP auth failed for username

  • when i revert to older version of sync gateway all works fine.
  • i am using couchbase server 3.03 (latest stable ver)
  • i can also see session being made in database for the username
  • i am using webhooks could that be the reason
    Please help me as i need to use latest version of sync gateway and cannot revert to old.
    my syncconfig file is same is there anything special that need to changed for latest syncgateway version.

Thanks
Arjun


#2

Hi @arjunblue,

Can you try to login with curl. For an existing user named joe, it would be:

curl -vX POST -H 'Content-Type: application/json' \
 :4984/db/_session \
 -d '{"name": "joe", "password": "letmein"}'

> POST /db/_session HTTP/1.1
> User-Agent: curl/7.37.1
> Host: :4984
> Accept: */*
> Content-Type: application/json
> Content-Length: 39
> 
* upload completely sent off: 39 out of 39 bytes
< HTTP/1.1 200 OK
< Content-Length: 103
< Content-Type: application/json
* Server Couchbase Sync Gateway/1.1.0 is not blacklisted
< Server: Couchbase Sync Gateway/1.1.0
< Set-Cookie: SyncGatewaySession=6c52b8cd2c706d55e97d9606058c0abd90a5d200; Path=/db/; Expires=Tue, 07 Jul 2015 08:23:03 UTC
< Date: Mon, 06 Jul 2015 08:23:03 GMT
< 
* Connection #0 to host  left intact
{"authentication_handlers":["default","cookie"],"ok":true,"userCtx":{"channels":{"!":1},"name":"joe"}}⏎     

If you get a 200 OK in the response, you could try using a network inspection tool like httpScoop or Charles to see what the Android SDK is sending and compare with the curl request.

James


#3

Hi @jamiltz,

Thanks alot i get {“error”:“Unauthorized”,“reason”:“Invalid login”} when i hit interface port i.e 4984 as per my config .

but i hit admin port 4985 with same post request it works i get

{“authentication_handlers”:[“default”,“cookie”],“ok”:true,“userCtx”:{“channels”:{"!":1},“name”:“joe”}}

it works hmm… this how i do I allow authentication via interface port as i cannot expose my admin to android client.

Please let me know how if need to change anything in syncconfig.

Thanks again for help james
Arjun


#4

Ok I’m not sure what’s happening.
Can you share your sync gateway config file?

James


#5

Hi @jamiltz this is my config file

{
“interface”: “:4984”,
“adminInterface”: “:4985”,
“log”: [ “CRUD+”, “HTTP+”, “Access”, “Cache”, “Shadow+”, “Changes+”,“Events+”],
“databases”: {
“db1”: {
“server”: “http://localhost:8091”,
“bucket”: “android”,
“sync”: "function(doc,oldDoc){if(doc.owner) { channel(‘ch-’+doc.owner); } } " ,
“users”: {

            "GUEST": {
                "disabled": true

            }
        },"shadow": {
            "server": "http://localhost:8091",
            "bucket": "db_shadow"
        },

“event_handlers”: {
“max_processes” : 1000,
“wait_for_process” : “0”,
“document_changed”: [
{“handler”: “webhook”,
“url”: “http://localhost/index.php”,
“filter”: “function(doc) { if (doc.type == ‘blg’ ) { return true; } return false; }” } ] }

    }
}

}

Thanks
Arjun


#6

Ok thanks. Can you run SG with walrus. Change the server field to walrus:.
Then create a user on the admin port and login as this user on port 4984.
Does that yield the same error response?

James


#7

hi @jamiltz

yes by changing to " walrus: " instead of localhost its same response.

  • i am able to create user in both cases via walrus or without it
  • i can see my user in list of users
    but when i hit _session does not authenticate.

Thanks
Arjun


#8

Ok thanks, running out of ideas :(. Not sure what’s happening.
This tutorial is mostly about roles in the sync function but has a step to authenticate as different users. Is it working if you follow this tutorial?

James


#9

Thanks for all help and quick responses will try it.

arjun


#10

@arjunblue Did you ever figure out what happened here?


#11

issue is fixed in 1.1.1 sync update , do not 401 now.