couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Couchdb Wiki] Update of "Authentication and Authorization" by CurtArnold
Date Mon, 27 Jul 2009 22:08:46 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Couchdb Wiki" for change notification.

The following page has been changed by CurtArnold:
http://wiki.apache.org/couchdb/Authentication_and_Authorization

------------------------------------------------------------------------------
      }).
  }}}
  
+ == Authentication handlers ==
+ 
+ === couch_http::default_authentication_handler ===
+ 
+ If the http request contains basic authentication, the user name and password are checked

+ against a configured user list.  If the user is recognized as an administrator, the user
name and
+ _admin role are added to the user context, otherwise, an exception is thrown.
+ If basic authentication is not present and there are admins defined in the user list,
+ an empty context is returned.  If basic authentication is not present and there are no admins
+ defined, then the _admin role is added to the context.
+ 
+ 
+ === couch_http::null_authentication_handler ===
+ 
+ Any request is granted the _admin role.
+ 
+ === couch_http::special_test_authentication_handler ===
+ 
+ If the WWW-Authentication header has a value like "X-Couch-Test-Auth username:password",
+ the user name and password are checked against a hard-coded list of username/password
+ combinations.  If the request matches, the user name (but not the _admin role) is added,
+ otherwise an exception is thrown.  If the WWW-Authentication header is not present
+ or does not match the pattern, the _admin role is added.
+ 
+ === couch_httpd_oauth::oauth_authentication_handler ===
+ 
+ [http://issues.apache.org/jira/browse/COUCHDB-420 COUCHDB-420] implements an
+ [http://oauth.net/ OAuth] authentication handler.  The patch also changes
+ couch_http to accept a list of authentication handlers instead of a single
+ authentication handler.
+ 
  
  == Authorization use cases ==
  

Mime
View raw message