couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From thadgui...@gmail.com
Subject Re: Re: "Personal" Couch DB.
Date Fri, 26 Jun 2009 15:04:06 GMT
Eric,

I like the idea of OAuth incorporated down the line.

Also, It seems as if Brian and yourself are talking more in general about a  
Multi-Tenancy environment within a single CouchDB or is it not as grand of  
an idea yet ? ( "Are we there yet?" )

-Thad

On Jun 26, 2009 3:55am, eric casteleijn <eric.casteleijn@canonical.com>  
wrote:
> Brian Candler wrote:


> On Wed, Jun 24, 2009 at 07:55:36AM -0400, Elliot Murphy wrote:


> In fact, this effort to run a CouchDB for every single user account on a  
> computer




> Interesting. A few questions:


> Hi Brian,



> Elliot's on holiday, so I'm going to be presumptious and respond in his  
> stead. I hope I don't say anything too far from the truth.




> (1) What stops user A from accessing user B's data? Will this be done with

> HTTP authentication?



> Perhaps in this context it might make more sense to use a Unix domain

> socket, but then again, nobody talks HTTP over those :-(




> We've thought about using sockets, and while that would be a good way to  
> do it, it would also mean a lot of work making HTTP client libraries work  
> with that.



> We think this could be more easily solved by having authorization in  
> CouchDB, and we're talking with Jan and Chris about adding OAuth to  
> CouchDB.



> OAuth is a good candidate since it's explicitly meant for authenticating  
> applications with servers over HTTP, so it's a good fit for our use case,  
> where the server happens to live on the same machine, but also a good fit  
> for talking to CouchDB on a remote server.




> (2) Is the per-user Erlang/CouchDB process going to be started when the  
> user

> logs into the graphical desktop (gdm/kdm?)



> What about having a single system-wide CouchDB instance instead of  
> spawning

> a new Erlang VM for each user? Then at least, if I log into my home  
> machine

> via ssh (while not logged into the console), the service would still be

> there.




> For Ubuntu, the per-user process will be started up by being prompted  
> from a DBUS service. We're making a DBUS service that handles getting  
> OAuth credentials from the Gnome keyring and ensuring that the user's  
> CouchDB is running.



> We thought about having a system-wide CouchDB, and having separate  
> databases for each user. This is hard, though, because we want to have  
> the database files be in each user's home directory, so that they get  
> backed-up and so on in a way that users expect. We also don't want to run  
> CouchDB as root. So, we're setting things up with one CouchDB server per  
> user.



> It would be easy to set up CouchDB to be running all the time, for users  
> who want that. We need to make sure it doesn't affect the whole system's  
> start-up and log in time, though, so that makes starting CouchDB on  
> demand more attractive.



> Hope this helps,



> --

> - eric casteleijn

> http://www.canonical.com


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message