Hello,
I have a Couchbase 5.0 CE Cluster (4 Nodes) and I am also using Sync Gateway 2. I have a bucket called sync_gateway that was created when the cluster was running CB 4.x. After the upgrade process, one of my apps that uses the GoLang SDK (1.4.2) carried on working as expected (more on this soon). However, recently I had to take my cluster down and bring a new cluster up from a backup, at which point my app stopped working, the call to OpenBucket now returns “authentication failed”.
After some research* I figured that this is because the upgrade process created a user with username sync_gateway (same as the bucket name) but with an empty password. Recreating the cluster means the bucket was created from scratch and then restored into which means the user with the empty password no longer exists and an RBAC user was needed in order for my app to still connect.
With this in mind, I created a user that matched the name of my bucket, set a password and updated my code to call
OpenBucket("sync_gateway", <new password for sync_gateway user>)
I gave the user permissions on my bucket and restarted my app. I got the same error, “authentication failed”.
So, I then tried to create a user with a totally different username, updated my code to use the new authentication methods:
cluster.Authenticate(gocb.PasswordAuthenticator{Username: <username>, Password: <password>,})
and changed the OpenBucket call to
cluster.OpenBucket(<bucket_name>, "")
The cluster.Authenticate does not return an error, so I assume this has worked, but once again the open bucket call returns “authentication failed”. I also tried the above code with the user that has the same name as my bucket name, still the same problem.
I have tried running the OpenBucket(<bucket_name>, <password for user with same name as bucket>) with SDK versions 1.3.6 and 1.2.5 and both of these also return the “authentication failed” error.
I have also tried all of the above giving the various users ADMIN permissions as well as just bucket permissions, every time I get the same error from OpenBucket.
What could I be doing wrong? I am at a loss as to what else I can try. NOTE: there is nothing in the server logs that I can see that might suggest what is going wrong.
UPDATE:
I can confirm that the sync_gateway user descirbed above has read and write permissions on the bucket:
curl -X POST --data 'cluster.bucket[sync_gateway]!read,cluster.bucket[sync_gateway]!write' http://sync_gateway:<PASSWORD>@127.0.0.1:8091/pools/default/checkPermissions
returns
{"cluster.bucket[sync_gateway]!read":true,"cluster.bucket[sync_gateway]!write":true}
I get the same result when I try the user that is not named the same as the bucket
SECOND UPDATE:
using the rest api admin user as the username and password in the cluster.Authenticate call (the same user that I use to log into the couchbase web UI and make cURL requests with) works! The gocb SDK opens the bucket correctly