couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rao Venugopal <ven...@gmail.com>
Subject Couchdb + custom authentication
Date Thu, 19 Jan 2012 19:41:23 GMT
Hi

Is it possible to integrate custom authentication/authorization with
couchdb instead of using the couchdb sessions api.
At my company, we already have an cookie based authorization service
and it is unlikely that we can move from it to couchdb's
authentication.  Hence, I want to do something along the following
lines
a) Intercept the GET/POST/PUT/DELETE requests & validate the user's
cookie (using the authentication service)
b) decrpt the user's user id/email from cookie
c) Check against couchdb's "db/_security" to check if the email is in
the names collection for either dba admin / reader role
     i) If the ok,
         - allow the operation to succeed or do a 301 redirect to
couchdb.
         - Ideal scenario would be if it is possible userid to
couchdb
so couchdb filters can use it in the following fashion.
      function(doc, req) {
        if (doc.username) {
                if (doc.username == req.userCtx.name) {
                        return true;
                }
        }
        return false;

}

   ii) Else return http 401 not authorized
Does couchdb provide for ability to plugin support for this or would
I
have to write a front end service which serves as  a proxy between my
remote couchdb server instance and the local couchdb on my
smartphone?  Has anyone had any success in either of these two
scenarios?

Thanks
-Venu

PS : I asked this question at the mobile couchbase group and was
advised to ask here

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message