couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Benoit Chesneau" <bchesn...@gmail.com>
Subject Re: CouchDB 1.0 work
Date Sat, 10 May 2008 18:39:17 GMT
On Sat, May 10, 2008 at 7:36 PM, Christopher Lenz <cmlenz@gmx.de> wrote:
> On 10.05.2008, at 17:53, Damien Katz wrote:
>>
>> On May 10, 2008, at 11:35 AM, Christopher Lenz wrote:
>>>
>>> As far as I know, the proxy will keep the auth info to itself, and the
>>> request will look like a standard anonymous request to CouchDB. I *think* if
>>> we don't implement authentication, we can not implement
>>> authorization/security for document validation.
>>
>> Well, I don't know the details of authenticating proxies, but if the user
>> provides credentials in the HTTP header, and the proxy server validates it
>> and passes it on, then CouchDB would just use the same credentials with the
>> assumption they are authenticated because the HTTP server validated it. But
>> maybe this isn't possible for reasons I don't know about.
>
> I made a test with Apache/mod_proxy with Digest auth, and it does seem to
> pass through the auth credentials (username, realm, etc) via the
> Authorization header. So this should hopefully work in general, sorry for
> the noise :P
>
> Cheers,
> --
> Christopher Lenz
>  cmlenz at gmx.de
>  http://www.cmlenz.net/
>
>

the same with nginx or squid :)

-- 
- benoƮt

Mime
View raw message