couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <>
Subject [jira] [Commented] (COUCHDB-2452) Provide _users DB security when _users DB is on the clustered interface
Date Tue, 11 Nov 2014 00:24:35 GMT


ASF subversion and git services commented on COUCHDB-2452:

Commit 569b00f301232a4b4ce2e038ef5bdf92c3b52079 in couchdb-chttpd's branch refs/heads/2452-users-db-security-on-clustered-interface
from [~mikewallace]
[;h=569b00f ]

Only admins access _users _all_docs on 5984

When couch_httpd_auth/users_db_public is set to false and the
_users DB is on the admin interface (5986) only admins can read
the _all_docs view.

This commit creates the same behaviour on the clustered interface
(5984) when chttpd_auth/users_db_public is set to false.

COUCHDB-2452 5/?

> Provide _users DB security when _users DB is on the clustered interface
> -----------------------------------------------------------------------
>                 Key: COUCHDB-2452
>                 URL:
>             Project: CouchDB
>          Issue Type: Improvement
>      Security Level: public(Regular issues) 
>          Components: Database Core
>            Reporter: Mike Wallace
> The authentication DB (default name _users) has special security semantics which are
currently only supported on the admin port (default 5986). Since we support using the _users
DB on the clustered port we should also ensure the same security semantics apply there.

This message was sent by Atlassian JIRA

View raw message