couchdb-user mailing list archives

From TAE JIN KIM <snoweb...@hotmail.com>
Subject RE: Curiosity how you use CouchDB in your web env.
Date Wed, 06 Mar 2013 19:11:09 GMT
Let's suppose that you deployed your HTML to http://127.0.0.1:5984/testdb/_design/frontend/Index.htm
served by your CouchDB directly.
How do you set it up so that anonymous users are only able to access _design/front-end,
but nothing else, like the Futon management pages (_utils)?
It looks like you may be able to set up an account, but anonymous users are still able
to read the Futon management pages (_utils) for all databases and documents...
 
Thanks,

> Date: Wed, 6 Mar 2013 12:42:28 -0600
> Subject: Re: Curiosity how you use CouchDB in your web env.
> From: rnewson@apache.org
> To: user@couchdb.apache.org
> 
> Don't grant users access to databases you don't want them to read. :)
> 
> http://wiki.apache.org/couchdb/Security_Features_Overview#Authorization
> 
> B.
> 
> On 6 March 2013 12:33, Mark Hahn <mark@hahnca.com> wrote:
> > Anyone logged in can read any document in the DB.  I have to check each
> > user and what they are trying to do to block illegal actions.
> >
> >
> > On Wed, Mar 6, 2013 at 9:51 AM, Robert Newson <rnewson@apache.org> wrote:
> >
> >> "How does everyone solve the security issue?"
> >>
> >> What security problem? Only administrators can modify design documents.
> >>
> >> B.
> >>
> >> On 6 March 2013 11:38, Aurélien Bénel <aurelien.benel@utt.fr> wrote:
> >> > Hi,
> >> >
> >> >> just out of curiosity, would like to hear how CouchDB is being used in your web environment....
> >> >
> >> > We have two main setups:
> >> > - CouchApps,
> >> > - REST APIs used by heavy clients (Java or Firefox extensions) and attached Web applications.
> >> >
> >> >> How does everyone solve the security issue?
> >> >
> >> > We always use CouchDB behind a reverse proxy to add LDAP authentication and authorization when needed.
> >> >
> >> >
> >> > Regards,
> >> >
> >> > Aurélien
> >>
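
An added example, not written by anyone in this thread and not CouchDB code: one way the reverse-proxy approach mentioned in the quoted replies could decide which anonymous requests to pass through, using the design-document URL from the question. The function names and the policy (GET/HEAD only, attachments only) are assumptions.

```python
import posixpath
from typing import Optional
from urllib.parse import unquote

# Assumed policy (not from the thread): anonymous clients may only read
# attachments of the design document named in the question's URL.
PUBLIC_PREFIX = "/testdb/_design/frontend/"
READ_ONLY_METHODS = {"GET", "HEAD"}


def canonical_path(raw_target: str) -> Optional[str]:
    """Decode and normalise a request target; None if it is ambiguous."""
    path = raw_target.split("?", 1)[0]
    if not path.startswith("/"):
        return None
    decoded = unquote(path)
    # Fail closed on double encoding, NUL bytes and backslashes instead of
    # guessing how the backend would interpret them.
    if "%" in decoded or "\x00" in decoded or "\\" in decoded:
        return None
    normalised = posixpath.normpath(decoded)  # resolves "." and ".."
    if decoded.endswith("/") and normalised != "/":
        normalised += "/"
    return normalised


def anonymous_may_access(method: str, raw_target: str) -> bool:
    """Allowlist decision for a request that carries no credentials."""
    if method.upper() not in READ_ONLY_METHODS:
        return False
    path = canonical_path(raw_target)
    if path is None or not path.startswith(PUBLIC_PREFIX):
        return False  # covers /_utils, /_all_dbs, /testdb/_all_docs, ...
    rest = path[len(PUBLIC_PREFIX):]
    # Segments starting with "_" under a design document are handlers such
    # as _view, _show and _list, which return database content.
    return rest != "" and not any(s.startswith("_") for s in rest.split("/"))


if __name__ == "__main__":
    # Constructed sample requests, not taken from any real log.
    for method, target in [
        ("GET", "/testdb/_design/frontend/Index.htm"),
        ("GET", "/_utils/"),
        ("GET", "/testdb/_design/frontend/%2e%2e/%2e%2e/_all_dbs"),
        ("GET", "/testdb/_design/frontend/_view/by_user?include_docs=true"),
    ]:
        verdict = "allow" if anonymous_may_access(method, target) else "deny"
        print(f"{verdict:5} {method} {target}")
```

The check is applied to the decoded, normalised path, so the proxy should forward a path derived from that same form; otherwise the two sides can disagree about which resource was requested.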
 		 	   		  