couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paweł Stawicki <pawelstawi...@gmail.com>
Subject Re: Common security pattern?
Date Sun, 03 Jan 2010 17:42:56 GMT
On Sun, Jan 3, 2010 at 17:52, Sean Hess <seanhess@gmail.com> wrote:
> I'm brand new at this, so I don't know the common way to solve this,
> but I was thinking it should be possible to put it behind nginx or
> apache, and simply return a 503 code if they tried to hit your
> database url instead of a document.

Yes, that's some solution, but what with deleting documents?

> If that doesn't work, you could always put a thin middleware layer in
> front of couch that did nothing but security. (You can get webservers
> to give you the intended URL as a variable)

And yes, this seems to be good solution. This way I can let user
delete, but limit the deletes. This is what I want.

But anyway, I am interested how this issue is usually solved, what is
common pattern.

Thanks!
-- 
Paweł Stawicki
http://pawelstawicki.blogspot.com
http://szczecin.jug.pl
http://www.java4people.com

Mime
View raw message