couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Newson <>
Subject Re: Authentication Question
Date Wed, 19 Oct 2011 11:04:27 GMT
You could enable the proxy authentication handler;

%% @doc proxy auth handler.
% This handler allows creation of a userCtx object from a user
authenticated remotly.
% The client just pass specific headers to CouchDB and the handler
create the userCtx.
% Headers  name can be defined in local.ini. By thefault they are :
%   * X-Auth-CouchDB-UserName : contain the username, (x_auth_username in
%   couch_httpd_auth section)
%   * X-Auth-CouchDB-Roles : contain the user roles, list of roles
separated by a
%   comma (x_auth_roles in couch_httpd_auth section)
%   * X-Auth-CouchDB-Token : token to authenticate the authorization
%   in couch_httpd_auth section). This token is an hmac-sha1 created
from secret key
%   and username. The secret key should be the same in the client and
couchdb node. s
%   ecret key is the secret key in couch_httpd_auth section of ini.
This token is optional
%   if value of proxy_use_secret key in couch_httpd_auth section of
ini isn't true.

Add {couch_httpd_auth, proxy_authentification_handler} to [httpd]
authentication_handlers. And, yes, it's really called
authentification. I assume an ancient typo or possibly a hilarious


On 19 October 2011 11:08, CGS <> wrote:
> I think you can start by deploying your DB files in directories protected by
> password (https) and use redirection in your server. Never tried it.
> Cheers,
> On 10/19/2011 11:59 AM, Paul Hirst wrote:
>> Hi, I've been trying to read around this on the web but I just can't find
>> an answer which makes sense to me.
>> I would like to build a couch app and I would like to use an existing
>> system to do the authentication. I can build an interface on this other
>> system to do whatever is required to make this work (eg some REST thing
>> issue cookies or validate username/password) but I can't see how I would
>> make couch use this interface.
>> If I can avoid it I'd rather not have users really exist in the _users
>> database but if this is unavoidable maybe I could create them on the fly?
>> I know I've been vague but can anyone offer a starting point?
>> ________________________________
>> Sophos Limited, The Pentagon, Abingdon Science Park, Abingdon, OX14 3YP,
>> United Kingdom.
>> Company Reg No 2096520. VAT Reg No GB 991 2418 08.

View raw message