couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jan Lehnardt (JIRA)" <>
Subject [jira] Closed: (COUCHDB-263) require valid user for all database operations
Date Wed, 12 Aug 2009 00:38:14 GMT


Jan Lehnardt closed COUCHDB-263.

    Resolution: Fixed

Fixed in r800938 as part of COUCHDB-420.

> require valid user for all database operations
> ----------------------------------------------
>                 Key: COUCHDB-263
>                 URL:
>             Project: CouchDB
>          Issue Type: Improvement
>          Components: HTTP Interface
>    Affects Versions: 0.9
>         Environment: All platforms.
>            Reporter: Jack Moffitt
>            Priority: Blocker
>             Fix For: 0.10
>         Attachments: couchauth.diff
> Admin accounts currently restrict a few operations, but leave all other operations completely
open.  Many use cases will require all operations to be authenticated.   This can certainly
be done by overriding the default_authentication_handler, but I think this very common use
case can be handled in default_authentication_handler without increasing the complexity much.
> Attached is a patch which adds a new config option, "require_valid_user", which restricts
all operations to authenticated users only.  Since CouchDB currently only has admins, this
means that all operations are restricted to admins.  In a future CouchDB where there are also
normal users, the intention is that this would let them pass through as well.

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message