couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <>
Subject [Couchdb Wiki] Update of "Authentication and Authorization" by CurtArnold
Date Wed, 29 Jul 2009 15:44:09 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Couchdb Wiki" for change notification.

The following page has been changed by CurtArnold:

  The catalog of use-cases could be helpful to describe the feature set of
  any proposals and to identify any architectural issues.
+ ADMIN-PARTY: All requests are authorized.
+ CONFIGURED-ROOT: All requests are authorized for a configured user or class of users. 
+ DESIGNDOC-AUTHORIZATION: All requests are authorized by evaluating the
+ request against rules stored in design document or documents.  This would likely need to
+ passing a message to a process that tracks the design documents and which would
+ be able to respond with a go/no-go decision.
+ VALID-USER: All requests are authorized for authenticated users.
+ READ-ONLY-ANON: Only read requests are authorized for unauthenticated users.
+ DENY-ANON: All requests are denied for unauthenticated users.
+ PER-DB-AUTHORIZATION: Different databases has different authorization schemes.
+ CUSTOM-AUTHORIZATION: An admin can configure a custom authorization handler.
+ CONTENT-SENSITIVE: The authorization scheme may evaluate the document 
+ (and previous document on updates) before authorizing a GET or PUT.
+ VIEW-VALUES-ONLY: The authorization scheme may allow a user to retrieve
+ the values from a view, but will reject an attempt to include documents.
  == Authorization hooks ==
  Authorization is not configurable in CouchDB 0.9.x or the current SVN HEAD.

View raw message