couchdb-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Apache Wiki <wikidi...@apache.org>
Subject [Couchdb Wiki] Update of "Security_Features_Overview" by JanLehnardt
Date Sun, 06 Jan 2013 15:09:34 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Couchdb Wiki" for change notification.

The "Security_Features_Overview" page has been changed by JanLehnardt:
http://wiki.apache.org/couchdb/Security_Features_Overview?action=diff&rev1=34&rev2=35

Comment:
reader -> member

  
  If both the names and roles fields of either the admins or members properties are empty
arrays, it means the database has no admins or members. Having no admins, only server admins
(with the reserved _admin role) are able to update design document and make other admin level
changes. Having no members, any user can write regular documents (any non-design document)
and read documents from the database.
  
- '''Note:''' If there are any reader names or roles defined for a database, then only authenticated
users having a matching name or role are allowed to read documents from the database (or do
a GET /db_name/ call).
+ '''Note:''' If there are any member names or roles defined for a database, then only authenticated
users having a matching name or role are allowed to read documents from the database (or do
a GET /db_name/ call).
  
  Each user name mentioned in a database security object refers to a user that is defined
in the authentication database. The default name of this database is ''_users'' but it is
configurable in the .ini configuration files:
  

Mime
View raw message