couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jack Moffitt (JIRA)" <>
Subject [jira] Created: (COUCHDB-263) require valid user for all database operations
Date Fri, 20 Feb 2009 22:51:04 GMT
require valid user for all database operations

                 Key: COUCHDB-263
             Project: CouchDB
          Issue Type: Improvement
          Components: HTTP Interface
    Affects Versions: 0.9
         Environment: All platforms.
            Reporter: Jack Moffitt
            Priority: Minor
         Attachments: couchauth.diff

Admin accounts currently restrict a few operations, but leave all other operations completely
open.  Many use cases will require all operations to be authenticated.   This can certainly
be done by overriding the default_authentication_handler, but I think this very common use
case can be handled in default_authentication_handler without increasing the complexity much.

Attached is a patch which adds a new config option, "require_valid_user", which restricts
all operations to authenticated users only.  Since CouchDB currently only has admins, this
means that all operations are restricted to admins.  In a future CouchDB where there are also
normal users, the intention is that this would let them pass through as well.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message