couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF subversion and git services (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (COUCHDB-2452) Provide _users DB security when _users DB is on the clustered interface
Date Fri, 14 Nov 2014 19:35:35 GMT

    [ https://issues.apache.org/jira/browse/COUCHDB-2452?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14212708#comment-14212708
] 

ASF subversion and git services commented on COUCHDB-2452:
----------------------------------------------------------

Commit 2ed693836af73c284c1f394a3c908ff3fcc30f59 in couchdb-couch's branch refs/heads/2452-users-db-security-on-clustered-interface
from [~mikewallace]
[ https://git-wip-us.apache.org/repos/asf?p=couchdb-couch.git;h=2ed6938 ]

Update auth DB docs via the auth module

Documents in the authentication DB were being updated directly
from couch_httpd_auth via couch_db:update_doc/3. This meant that
updates to documents with the authentication DB on the clustered
interface (5984) would fail.

This commit makes the auth module responsible for the document
update via a ?MODULE:update_auth_doc/1 function and add
couch_auth_cache:update_auth_doc/1 which proxies to
couch_db:update_doc/3.

COUCHDB-2452 2/3


> Provide _users DB security when _users DB is on the clustered interface
> -----------------------------------------------------------------------
>
>                 Key: COUCHDB-2452
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-2452
>             Project: CouchDB
>          Issue Type: Improvement
>      Security Level: public(Regular issues) 
>          Components: Database Core
>            Reporter: Mike Wallace
>
> The authentication DB (default name _users) has special security semantics which are
currently only supported on the admin port (default 5986). Since we support using the _users
DB on the clustered port we should also ensure the same security semantics apply there.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message