Return-Path: 
 <dev-return-39112-apmail-couchdb-dev-archive=couchdb.apache.org@couchdb.apache.org>
X-Original-To: apmail-couchdb-dev-archive@www.apache.org
Delivered-To: apmail-couchdb-dev-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 2A674FE86
	for <apmail-couchdb-dev-archive@www.apache.org>;
 Fri, 14 Nov 2014 19:35:39 +0000 (UTC)
Received: (qmail 8799 invoked by uid 500); 14 Nov 2014 19:35:35 -0000
Delivered-To: apmail-couchdb-dev-archive@couchdb.apache.org
Received: (qmail 8709 invoked by uid 500); 14 Nov 2014 19:35:35 -0000
Mailing-List: contact dev-help@couchdb.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@couchdb.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@couchdb.apache.org>
List-Post: <mailto:dev@couchdb.apache.org>
List-Id: <dev.couchdb.apache.org>
Reply-To: dev@couchdb.apache.org
Delivered-To: mailing list dev@couchdb.apache.org
Received: (qmail 8578 invoked by uid 99); 14 Nov 2014 19:35:35 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 14 Nov 2014 19:35:35 +0000
Date: Fri, 14 Nov 2014 19:35:35 +0000 (UTC)
From: "ASF subversion and git services (JIRA)" <jira@apache.org>
To: dev@couchdb.apache.org
Message-ID: <JIRA.12754279.1415660786000.502918.1415993735370@Atlassian.JIRA>
In-Reply-To: <JIRA.12754279.1415660786000@Atlassian.JIRA>
References: <JIRA.12754279.1415660786000@Atlassian.JIRA>
 <JIRA.12754279.1415660786083@arcas>
Subject: [jira] [Commented] (COUCHDB-2452) Provide _users DB security when
 _users DB is on the clustered interface
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


    [ https://issues.apache.org/jira/browse/COUCHDB-2452?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14212707#comment-14212707 ] 

ASF subversion and git services commented on COUCHDB-2452:
----------------------------------------------------------

Commit cad071cc0b5018bfd355ef49de8941e2d545900a in couchdb-couch's branch refs/heads/2452-users-db-security-on-clustered-interface from [~mikewallace]
[ https://git-wip-us.apache.org/repos/asf?p=couchdb-couch.git;h=cad071c ]

Add _users DB callbacks when opening _users shards

The check to determine whether to add the callback functions for
_users DB operations was only checking the raw database name. When
using the authentication DB on the clustered database this meant
that this check would fail and the callbacks would not be added.

This commit checks the DB name (rather than the shard name) against
the value of chttpd_auth/authentication_db so that shards for
clustered authentication DBs have the appropriate callbacks added.

COUCHDB-2452 1/3


> Provide _users DB security when _users DB is on the clustered interface
> -----------------------------------------------------------------------
>
>                 Key: COUCHDB-2452
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-2452
>             Project: CouchDB
>          Issue Type: Improvement
>      Security Level: public(Regular issues) 
>          Components: Database Core
>            Reporter: Mike Wallace
>
> The authentication DB (default name _users) has special security semantics which are currently only supported on the admin port (default 5986). Since we support using the _users DB on the clustered port we should also ensure the same security semantics apply there.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)