couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Couchdb Wiki] Update of "Authentication and Authorization" by CurtArnold
Date Wed, 29 Jul 2009 15:44:09 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Couchdb Wiki" for change notification.

The following page has been changed by CurtArnold:
http://wiki.apache.org/couchdb/Authentication_and_Authorization

------------------------------------------------------------------------------
  The catalog of use-cases could be helpful to describe the feature set of
  any proposals and to identify any architectural issues.
  
+ ADMIN-PARTY: All requests are authorized.
+ 
+ CONFIGURED-ROOT: All requests are authorized for a configured user or class of users. 
+ 
+ DESIGNDOC-AUTHORIZATION: All requests are authorized by evaluating the
+ request against rules stored in design document or documents.  This would likely need to
involve
+ passing a message to a process that tracks the design documents and which would
+ be able to respond with a go/no-go decision.
+ 
+ VALID-USER: All requests are authorized for authenticated users.
+ 
+ READ-ONLY-ANON: Only read requests are authorized for unauthenticated users.
+ 
+ DENY-ANON: All requests are denied for unauthenticated users.
+ 
+ PER-DB-AUTHORIZATION: Different databases has different authorization schemes.
+ 
+ CUSTOM-AUTHORIZATION: An admin can configure a custom authorization handler.
+ 
+ CONTENT-SENSITIVE: The authorization scheme may evaluate the document 
+ (and previous document on updates) before authorizing a GET or PUT.
+ 
+ VIEW-VALUES-ONLY: The authorization scheme may allow a user to retrieve
+ the values from a view, but will reject an attempt to include documents.
+ 
+ 
+ 
  == Authorization hooks ==
  
  Authorization is not configurable in CouchDB 0.9.x or the current SVN HEAD.

Mime
View raw message