couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Basic security help
Date Tue, 02 Nov 2010 23:33:10 GMT
Loving couch! Used it for real for the first time today for capturing
logging information from an iPhone application. Love the way I can
just use JSON to send data direct to the DB without a server side
application layer ... BUT

I need to get some basic security in place and can't figure out how to
add regular users, rather than admin users to couch. I'm running 1.0.1
by the way and have read all the documentation, which has left me
rather confused.

I can setup admin users in futon fine. However in the _users database,
the roles are empty. I thought admin users had a role of _admin? Is
this not the case??

I see no interface for setting up regular users though. What I'd like
to do is have basic http authentication so I can use that for access
to a particular database. Not uber secure, but for now it will be
better than exposing everything to everyone!

So my questions are;

1) Why do admin users have no role attached?
2) How do I create a new user that doesn't have admin rights? I just
want to allocate this user as a "reader" for the database concerned.

I think I'm confused because the sands seem to have been shifting on
this as it is all rather fluid so I can't get my head around what the
plan is for which versions! Apologies for being a bit dense about it.

Many thanks in advance!


View raw message