couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Victor Stan <>
Subject Re: CouchDB behind apache reverse proxy
Date Mon, 08 Nov 2010 18:00:24 GMT
Thanks for the resources, I will take a look...

I need to:

- have anonymous writes to the database, from the browser (can couchDB
validate content before storing it?)
- anonymous reads of only specific views, is there a way to limit
reads of only specific views? Perhaps through Apache R-Proxying?

Victor Stan

On Mon, Nov 8, 2010 at 11:32 AM, Zachary Zolton
<> wrote:
> Victor,
> If you serve CouchDB directly, or just proxy CouchDB via a web server,
> you're gonna need to read up on the CouchDB security model and
> consider whether it fits your application.
> This should get you started:
> The main 'gotcha' with CouchDB's security model is that a user can
> either access all or none of the resources for any particular
> database. Consider what types of data can be accessed anonymously, by
> a particular user or by a role shared by multiple users. You may need
> to place documents in different databases depending on who may access
> them.
> Perhaps you could explain more of your scenario.
> Cheers,
> Zach
> On Mon, Nov 8, 2010 at 8:53 AM, Victor Stan <> wrote:
>> Hello,
>> I've been considering methods of accessing CouchDB directly from the
>> browser, and one method seems to be using Apache or NginX as a reverse
>> proxy for CouchDB.
>> If there are people with experience in that area in this forum, could
>> you please share some of the gotchas when it comes to securing access
>> to the database; as it seems to me that by removing the server side
>> scripts, a security layer is also removed...
>> Cheers,
>> Victor Stan

View raw message