couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Rose <>
Subject Re: Basic security help
Date Wed, 03 Nov 2010 05:20:36 GMT
The _admins you create in futon are admins because they get written do
default.ini. They don't need to have the _admin value in doc.roles.

To create a normal user with a role of "reader", just PUT
{"name":"username","roles":["reader"]....} to


On Tue, Nov 2, 2010 at 6:33 PM,  <> wrote:
> Loving couch! Used it for real for the first time today for capturing
> logging information from an iPhone application. Love the way I can
> just use JSON to send data direct to the DB without a server side
> application layer ... BUT
> I need to get some basic security in place and can't figure out how to
> add regular users, rather than admin users to couch. I'm running 1.0.1
> by the way and have read all the documentation, which has left me
> rather confused.
> I can setup admin users in futon fine. However in the _users database,
> the roles are empty. I thought admin users had a role of _admin? Is
> this not the case??
> I see no interface for setting up regular users though. What I'd like
> to do is have basic http authentication so I can use that for access
> to a particular database. Not uber secure, but for now it will be
> better than exposing everything to everyone!
> So my questions are;
> 1) Why do admin users have no role attached?
> 2) How do I create a new user that doesn't have admin rights? I just
> want to allocate this user as a "reader" for the database concerned.
> I think I'm confused because the sands seem to have been shifting on
> this as it is all rather fluid so I can't get my head around what the
> plan is for which versions! Apologies for being a bit dense about it.
> Many thanks in advance!
> Roger

View raw message