couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jack Moffitt (JIRA)" <>
Subject [jira] Updated: (COUCHDB-263) require valid user for all database operations
Date Fri, 20 Feb 2009 22:51:04 GMT


Jack Moffitt updated COUCHDB-263:

    Attachment: couchauth.diff

Patch to add require_valid_user to httpd config section.

> require valid user for all database operations
> ----------------------------------------------
>                 Key: COUCHDB-263
>                 URL:
>             Project: CouchDB
>          Issue Type: Improvement
>          Components: HTTP Interface
>    Affects Versions: 0.9
>         Environment: All platforms.
>            Reporter: Jack Moffitt
>            Priority: Minor
>         Attachments: couchauth.diff
> Admin accounts currently restrict a few operations, but leave all other operations completely
open.  Many use cases will require all operations to be authenticated.   This can certainly
be done by overriding the default_authentication_handler, but I think this very common use
case can be handled in default_authentication_handler without increasing the complexity much.
> Attached is a patch which adds a new config option, "require_valid_user", which restricts
all operations to authenticated users only.  Since CouchDB currently only has admins, this
means that all operations are restricted to admins.  In a future CouchDB where there are also
normal users, the intention is that this would let them pass through as well.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message