couchdb-dev mailing list archives

From "Damien Katz (JIRA)" <j...@apache.org>
Subject [jira] Commented: (COUCHDB-263) require valid user for all database operations
Date Thu, 18 Jun 2009 19:54:07 GMT

    [ https://issues.apache.org/jira/browse/COUCHDB-263?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12721435#action_12721435 ]

Damien Katz commented on COUCHDB-263:
-------------------------------------

Hmmm, on second thought, we do need this both as a server-wide setting and at the database
level.

However, this check and throwing exceptions for authenticated users should not be done in
the authentication function, but by the caller of the auth function, so the setting works
with all auth handlers.

Also, it would be nice to have a more complete solution with more settings: allowed users,
disallowed users and allow anonymous.

> require valid user for all database operations
> ----------------------------------------------
>
>                 Key: COUCHDB-263
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-263
>             Project: CouchDB
>          Issue Type: Improvement
>          Components: HTTP Interface
>    Affects Versions: 0.9
>         Environment: All platforms.
>            Reporter: Jack Moffitt
>            Priority: Minor
>         Attachments: couchauth.diff
>
>
> Admin accounts currently restrict a few operations, but leave all other operations completely
> open. Many use cases will require all operations to be authenticated. This can certainly
> be done by overriding the default_authentication_handler, but I think this very common use
> case can be handled in default_authentication_handler without increasing the complexity much.
>
> Attached is a patch which adds a new config option, "require_valid_user", which restricts
> all operations to authenticated users only. Since CouchDB currently only has admins, this
> means that all operations are restricted to admins. In a future CouchDB where there are also
> normal users, the intention is that this would let them pass through as well.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
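
Added example, not part of the original message and not CouchDB code: a Python model of the design in the comment above, where each auth handler only identifies the user and the caller of the handlers applies `require_valid_user` at the server and database level. The handler names, the credential stores, the `allowed_users` / `disallowed_users` field names and the rule that both levels must pass are assumptions.

```python
import base64
import hmac
from dataclasses import dataclass

class Unauthorized(Exception):
    """Raised by a handler when presented credentials are wrong."""

@dataclass(frozen=True)
class Policy:
    require_valid_user: bool = False           # option named in the issue
    allowed_users: frozenset = frozenset()     # assumed name; empty = no allow-list
    disallowed_users: frozenset = frozenset()  # assumed name

# Constructed credentials and a constructed sample request header.
USERS = {"admin": "s3cret"}
TOKENS = {"tok-123": "jack"}
SAMPLE_BASIC = {"Authorization": "Basic " + base64.b64encode(b"admin:s3cret").decode()}

def basic_handler(headers):
    """Hypothetical handler: identifies the user only; None means 'not my scheme'."""
    scheme, _, blob = headers.get("Authorization", "").partition(" ")
    if scheme != "Basic":
        return None
    try:
        user, _, password = base64.b64decode(blob).decode().partition(":")
    except ValueError:
        raise Unauthorized("malformed credentials")
    expected = USERS.get(user, "")
    if not (expected and hmac.compare_digest(expected.encode(), password.encode())):
        raise Unauthorized("bad credentials")
    return user

def token_handler(headers):
    """Second hypothetical handler; it knows nothing about access policy."""
    return TOKENS.get(headers.get("X-Auth-Token"))

def authorize(headers, handlers, server, db=None):
    """Caller of the auth functions: identify once, then enforce each policy level."""
    try:
        user = next((u for u in (h(headers) for h in handlers) if u is not None), None)
    except Unauthorized:
        return 401, None
    for policy in filter(None, (server, db)):  # assumption: both levels must pass
        listed_out = user in policy.disallowed_users or (
            bool(policy.allowed_users) and user not in policy.allowed_users)
        if (policy.require_valid_user if user is None else listed_out):
            return 401, None
    return 200, user  # user is None for an anonymous request that policy permits
```

Because the policy check lives in `authorize` and not in either handler, adding a third handler needs no policy code and cannot bypass `require_valid_user`.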

