Attempting to restore using Raven.Server.exe to an IIS RavenDB server instance failing with 401 unauthorized. Trying to use Api-key. Is this supported?
80 views
Skip to first unread message
Sean Duffy
Mar 22, 2018, 7:53:34 AM3/22/18
to RavenDB - 2nd generation document database
Hi,
I'm trying to restore a database from a backup using Raven.Server.exe on the command line.
The error I'm getting back is indicating that Raven.Server is attempting to connect to my RavenDB instance running in IIS, but getting a 401 back.
The iis raven instance is configured for AnonymousAccess = None, as we're using a licensed version, and have set up API key authentication. I've tried with and without specifying the API key. I've also tried enabling Windows Auth on the IIS site, and running the restore process as a user that I setup to have Admin rights on * (all DBs) and <system> but that also does not seem to work.
Essentially I am calling:
D:\RavenServerForRestores\Raven.Server.exe --restore-source=D:\path\to\raven-db-backup-database\here --restore-database=https://myraveninstancehere.com --restore-disable-replication --api-key=mycustomApiKeyHere/234234234234
also tried:
D:\RavenServerForRestores\Raven.Server.exe --restore-source=D:\path\to\raven-db-backup-database\here --restore-database=https://myraveninstancehere.com --restore-disable-replication
Output example:
<h3>HTTP Error 401.1 - Unauthorized</h3>
<h4>You do not have permission to view this directory or page using the credentials that you supplied.</h4>
Screenshot of the output when running this interactively is attached.
Does Raven.Server support passing in an api key as an argument like I am trying? I've looked at the Program.cs source and I don't actually see a parameter for this. That is why I've tried with and without the parameter.
I am using Raven.Server.exe version build 35242.
The ravenDB IIS instance I am trying to restore to is: build 35220 in this case.
Oren Eini (Ayende Rahien)
Mar 22, 2018, 8:10:13 AM3/22/18
to ravendb
You IIS instance allows anonymous auth?
Hibernating Rhinos Ltd
Oren Eini l CEO l Mobile: + 972-52-548-6969
Office: +972-4-622-7811 l Fax: +972-153-4-622-7811
--
You received this message because you are subscribed to the Google Groups "RavenDB - 2nd generation document database" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ravendb+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Sean Duffy
Mar 22, 2018, 8:46:56 AM3/22/18
to RavenDB - 2nd generation document database
Hi Oren,
Yes, Anonymous Authentication is set to "Enabled". I have also tried enabling Windows Authentication, as that is normally disabled in this setup, but that didn't seem to make a difference.
Also in the IIS instance, the web.config is set with: <add key="Raven/AnonymousAccess" value="None" />
To unsubscribe from this group and stop receiving emails from it, send an email to ravendb+u...@googlegroups.com.
Oren Eini (Ayende Rahien)
Mar 23, 2018, 4:27:49 AM3/23/18
to ravendb
For API auth, you need to have anonymous auth enabled, yes.
Can you show the Fiddler output of this ?
To unsubscribe from this group and stop receiving emails from it, send an email to ravendb+unsubscribe@googlegroups.com.
Jeff Krebsbach
Jun 12, 2018, 3:51:58 PM6/12/18
to RavenDB - 2nd generation document database
I believe we are seeing the exact same thing on our machines -
C:\PROGRA~1\RavenDB>raven.server.exe --restore-source=\\FILESRV1\backups\ravendb\database1 --restore-database=https://raven.company.net/RavenDB --api-key=KEY/Secret1!
A critical error occurred while starting the server. Please see the exception details bellow for more details:
Raven.Abstractions.Connection.ErrorResponseException: Status code: Unauthorized
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
[...]
<div id="details-right">
<table border="0" cellpadding="0" cellspacing="0">
<tr class="alt"><th>Requested URL</th><td> https://data10.healthbilling.net:443/RavenDB/admin/restore</td></tr>
<tr><th>Physical Path</th><td> C:\inetpub\wwwroot\RavenDB\admin\restore</td></tr>
<tr class="alt"><th>Logon Method</th><td> Not yet determined</td></tr>
<tr><th>Logon User</th><td> Not yet determined</td></tr>
</table>
<div class="clear"></div>
</div>
[...]
I was able to use Raven.Smuggler to transmit data, and Raven.Backup to generate backups from my server, but I cannot use the Raven.Server restore operations against this server...
Sean Duffy
Jun 12, 2018, 4:25:32 PM6/12/18
to RavenDB - 2nd generation document database
Hi Jeff
In the end I just grabbed the raven lightweight client library and wrote a simple .net console application that uses the restore API to get this functionality.
It's way better than trying to use something that is designed to be a RavenDB server instance when all you need is restore functionality.
Based on the parameters the client method uses, it looks like the raven studio UI uses the exact same method for restoring via the UI.
This means you just give the lightweight client your API key and it just works.
Sean
Oren Eini (Ayende Rahien)
Jun 13, 2018, 8:50:48 AM6/13/18
to ravendb
Can you capture this interaction with fiddler?
Hibernating Rhinos Ltd
Oren Eini l CEO l Mobile: + 972-52-548-6969
Office: +972-4-622-7811 l Fax: +972-153-4-622-7811
--
Reply all
Reply to author
Forward
0 new messages