diff options
| -rw-r--r-- | etc/couchdb/local.ini | 4 | ||||
| -rw-r--r-- | src/couchdb/couch_httpd.erl | 3 |
2 files changed, 5 insertions, 2 deletions
diff --git a/etc/couchdb/local.ini b/etc/couchdb/local.ini index 7aa049a0..f20b197a 100644 --- a/etc/couchdb/local.ini +++ b/etc/couchdb/local.ini @@ -14,7 +14,9 @@ ;WWW-Authenticate = Basic realm="administrator" [couch_httpd_auth] -; if you set this to true, you should also uncomment the WWW-Authenticate line above +; If you set this to true, you should also uncomment the WWW-Authenticate line +; above. If you don't configure a WWW-Authenticate header, CouchDB will send +; Basic realm="server" in order to prevent you getting logged out. ; require_valid_user = false [log] diff --git a/src/couchdb/couch_httpd.erl b/src/couchdb/couch_httpd.erl index faf14bcc..b531d3d6 100644 --- a/src/couchdb/couch_httpd.erl +++ b/src/couchdb/couch_httpd.erl @@ -750,7 +750,8 @@ error_headers(#httpd{mochi_req=MochiReq}=Req, Code, ErrorStr, ReasonStr) -> AuthRedirect -> case couch_config:get("couch_httpd_auth", "require_valid_user", "false") of "true" -> - {Code, []}; + % send the browser popup header no matter what if we are require_valid_user + {Code, [{"WWW-Authenticate", "Basic realm=\"server\""}]}; _False -> % if the accept header matches html, then do the redirect. else proceed as usual. case re:run(MochiReq:get_header_value("Accept"), "html", [{capture, none}]) of |