Authorization

Bryan Fink bryan at basho.com
Mon Nov 2 21:26:14 EST 2009


On Mon, Nov 2, 2009 at 4:54 PM, flavio ishii <flavio.ishii at gmail.com> wrote:
> Hi. I'm testing the basic authentication for a jiak resource. I have the
> following code but it seems that the requests go through even if my login
> values are invalid.

Hi, Flavio.  I think it's possible that you're not running the code
you think you are.  The code you included in your email doesn't
compile for me: 'Context' is unbound in get_un_pwd/1.  Furthermore, if
I just change get_un_pwd to something like:

get_un_pwd(ReqData) ->
       case wrq:get_req_header("authorization", ReqData) of
       "Basic "++Base64 ->
           Str = base64:mime_decode_to_string(Base64),
           string:tokens(Str, ":");
       _ ->
           denied %% CHANGED TO GENERIC ERROR ATOM
   end.

Then, I see 401, as expected, unless I include the proper
Authorization header.  Check your compilation console for errors.
Also note that Riak will not automatically reload modules as you
compile them, like Webmachine does in debug mode.  You'll have to
l(module) in a riak console or Client:reload_all(module) from a
connected node.

-Bryan




More information about the riak-users mailing list