Setting the domain in the AuthSession cookie for CouchDB
When using cookie based authentication in CouchDB, the domain appears to be set to the domain of the host; foo.com for example. If we wish to access this session from a subdomain; bar.foo.com for example, this will fail.
From my limited experience with managing cookies, it appears that if you set the domain to .foo.com (notice the leading dot .), then you can access these cookies on subdomains.
Is it possible to change the domain that CouchDB uses when setting the cookie to include the leading dot?
authentication couchdb
edited Sep 28 '12 at 16:27
Octavian Damiean
35.7k188795
asked Sep 27 '12 at 18:21
irbullirbull
1,7591019
add a comment |
When using cookie based authentication in CouchDB, the domain appears to be set to the domain of the host; foo.com for example. If we wish to access this session from a subdomain; bar.foo.com for example, this will fail.
From my limited experience with managing cookies, it appears that if you set the domain to .foo.com (notice the leading dot .), then you can access these cookies on subdomains.
Is it possible to change the domain that CouchDB uses when setting the cookie to include the leading dot?
authentication couchdb
edited Sep 28 '12 at 16:27
Octavian Damiean
35.7k188795
asked Sep 27 '12 at 18:21
irbullirbull
1,7591019
2
After some more digging, the domain isn't actually set to anything, so it defaults to the domain of the host. The question still applies though -- can you set the domain for AuthSession Cookie in couchDB?
– irbull
Sep 28 '12 at 2:53
1
I know that this is a really old issue, it still seems to be unresolved but in 2013 an issue was opened in CouchDB's tracker issues.apache.org/jira/browse/COUCHDB-1959. I'll try to draft a PR for it.
– Darío
Nov 21 '15 at 23:18
Partially same problem, how do you solved it? In my case I got coockie from example.com/mydemo/_session, but it don't work on example.com/mydemo/db/
– Arman Hayots
Dec 18 '15 at 11:07
add a comment |
When using cookie based authentication in CouchDB, the domain appears to be set to the domain of the host; foo.com for example. If we wish to access this session from a subdomain; bar.foo.com for example, this will fail.
From my limited experience with managing cookies, it appears that if you set the domain to .foo.com (notice the leading dot .), then you can access these cookies on subdomains.
Is it possible to change the domain that CouchDB uses when setting the cookie to include the leading dot?
authentication couchdb
edited Sep 28 '12 at 16:27
Octavian Damiean
35.7k188795
asked Sep 27 '12 at 18:21
irbullirbull
1,7591019
When using cookie based authentication in CouchDB, the domain appears to be set to the domain of the host; foo.com for example. If we wish to access this session from a subdomain; bar.foo.com for example, this will fail.
From my limited experience with managing cookies, it appears that if you set the domain to .foo.com (notice the leading dot .), then you can access these cookies on subdomains.
Is it possible to change the domain that CouchDB uses when setting the cookie to include the leading dot?
authentication couchdb
authentication couchdb
edited Sep 28 '12 at 16:27
Octavian Damiean
35.7k188795
asked Sep 27 '12 at 18:21
irbullirbull
1,7591019
edited Sep 28 '12 at 16:27
Octavian Damiean
35.7k188795
asked Sep 27 '12 at 18:21
irbullirbull
1,7591019
edited Sep 28 '12 at 16:27
Octavian Damiean
35.7k188795
edited Sep 28 '12 at 16:27
Octavian Damiean
35.7k188795
edited Sep 28 '12 at 16:27
Octavian Damiean
35.7k188795
35.7k188795
asked Sep 27 '12 at 18:21
irbullirbull
1,7591019
asked Sep 27 '12 at 18:21
irbullirbull
1,7591019
asked Sep 27 '12 at 18:21
irbullirbull
1,7591019
1,7591019
2
After some more digging, the domain isn't actually set to anything, so it defaults to the domain of the host. The question still applies though -- can you set the domain for AuthSession Cookie in couchDB?
– irbull
Sep 28 '12 at 2:53
1
I know that this is a really old issue, it still seems to be unresolved but in 2013 an issue was opened in CouchDB's tracker issues.apache.org/jira/browse/COUCHDB-1959. I'll try to draft a PR for it.
– Darío
Nov 21 '15 at 23:18
Partially same problem, how do you solved it? In my case I got coockie from example.com/mydemo/_session, but it don't work on example.com/mydemo/db/
– Arman Hayots
Dec 18 '15 at 11:07
add a comment |
2
After some more digging, the domain isn't actually set to anything, so it defaults to the domain of the host. The question still applies though -- can you set the domain for AuthSession Cookie in couchDB?
– irbull
Sep 28 '12 at 2:53
1
I know that this is a really old issue, it still seems to be unresolved but in 2013 an issue was opened in CouchDB's tracker issues.apache.org/jira/browse/COUCHDB-1959. I'll try to draft a PR for it.
– Darío
Nov 21 '15 at 23:18
Partially same problem, how do you solved it? In my case I got coockie from example.com/mydemo/_session, but it don't work on example.com/mydemo/db/
– Arman Hayots
Dec 18 '15 at 11:07
2
2
After some more digging, the domain isn't actually set to anything, so it defaults to the domain of the host. The question still applies though -- can you set the domain for AuthSession Cookie in couchDB?
– irbull
Sep 28 '12 at 2:53
After some more digging, the domain isn't actually set to anything, so it defaults to the domain of the host. The question still applies though -- can you set the domain for AuthSession Cookie in couchDB?
– irbull
Sep 28 '12 at 2:53
1
1
I know that this is a really old issue, it still seems to be unresolved but in 2013 an issue was opened in CouchDB's tracker issues.apache.org/jira/browse/COUCHDB-1959. I'll try to draft a PR for it.
– Darío
Nov 21 '15 at 23:18
I know that this is a really old issue, it still seems to be unresolved but in 2013 an issue was opened in CouchDB's tracker issues.apache.org/jira/browse/COUCHDB-1959. I'll try to draft a PR for it.
– Darío
Nov 21 '15 at 23:18
Partially same problem, how do you solved it? In my case I got coockie from example.com/mydemo/_session, but it don't work on example.com/mydemo/db/
– Arman Hayots
Dec 18 '15 at 11:07
Partially same problem, how do you solved it? In my case I got coockie from example.com/mydemo/_session, but it don't work on example.com/mydemo/db/
– Arman Hayots
Dec 18 '15 at 11:07
add a comment |
1 Answer
1
active
oldest
votes
From couch >= 2 ( tested on 2.2 myself ) you can add this to your configuration fille
[couch_httpd_auth]
cookie_domain = foo.com
answered Nov 23 '18 at 21:46
TimTim
2,03612332
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f12627749%2fsetting-the-domain-in-the-authsession-cookie-for-couchdb%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
From couch >= 2 ( tested on 2.2 myself ) you can add this to your configuration fille
[couch_httpd_auth]
cookie_domain = foo.com
answered Nov 23 '18 at 21:46
TimTim
2,03612332
add a comment |
From couch >= 2 ( tested on 2.2 myself ) you can add this to your configuration fille
[couch_httpd_auth]
cookie_domain = foo.com
answered Nov 23 '18 at 21:46
TimTim
2,03612332
add a comment |
From couch >= 2 ( tested on 2.2 myself ) you can add this to your configuration fille
[couch_httpd_auth]
cookie_domain = foo.com
answered Nov 23 '18 at 21:46
TimTim
2,03612332
From couch >= 2 ( tested on 2.2 myself ) you can add this to your configuration fille
[couch_httpd_auth]
cookie_domain = foo.com
answered Nov 23 '18 at 21:46
TimTim
2,03612332
answered Nov 23 '18 at 21:46
TimTim
2,03612332
answered Nov 23 '18 at 21:46
TimTim
2,03612332
answered Nov 23 '18 at 21:46
TimTim
2,03612332
2,03612332
add a comment |
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f12627749%2fsetting-the-domain-in-the-authsession-cookie-for-couchdb%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
2
After some more digging, the domain isn't actually set to anything, so it defaults to the domain of the host. The question still applies though -- can you set the domain for AuthSession Cookie in couchDB?
– irbull
Sep 28 '12 at 2:53
1
I know that this is a really old issue, it still seems to be unresolved but in 2013 an issue was opened in CouchDB's tracker issues.apache.org/jira/browse/COUCHDB-1959. I'll try to draft a PR for it.
– Darío
Nov 21 '15 at 23:18
Partially same problem, how do you solved it? In my case I got coockie from example.com/mydemo/_session, but it don't work on example.com/mydemo/db/
– Arman Hayots
Dec 18 '15 at 11:07