couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From TAE JIN KIM <snoweb...@hotmail.com>
Subject RE: Curiosity how you use CouchDB in your web env.
Date Thu, 07 Mar 2013 15:47:38 GMT
Daniel,

So basically, what you r saying is that you put application layer in front of couch, so user
no direct access to the couch..
Right?..I think you did pretty much similar thing #2 in my original post...
BTW, just out of curiosity,  by doing this, any performance degradation / or any trouble stuff
you may have to face with something you might had not expected at all ?...

Thanks,

> From: gonvaled@gonvaled.com
> Date: Thu, 7 Mar 2013 16:37:36 +0100
> Subject: Re: Curiosity how you use CouchDB in your web env.
> To: user@couchdb.apache.org
> 
> Well, if things were always so easy!
> 
> We have this scenario: our webapp has to server data to different
> organizations (hopefully thousands, if our product sells well). That means
> we can not partition data in different databases: it would be a maintenance
> nightmare. can somebody tell me how to:
> 
>    - upgrade the design docs in 1000 databases without going crazy?
>    - How to backup them?
>    - ...
> 
> I mean, the more databases you have, the more complicated maintenance
> becomes. Maybe that can be automated, but it is not easy out of the box.
> 
> Besides, I do not want to implement the following:
> 
>    - new organization signs-up
>    - we create a new database for it
>    - we upload the design documens
>    - we trigger those documents
> 
> I mean, it is probably doable, but I am not walking that path right now.
> So, the only way that I know of in which we can partition the data is by
> having an application server in front of couch: a single database for all
> customers, with access control implemented via view filtering with the
> org_id as key. The user has no direct access to couch.
> 
> On Wed, Mar 6, 2013 at 7:42 PM, Robert Newson <rnewson@apache.org> wrote:
> 
> > Don't grant users access to databases you don't want them to read. :)
> >
> > http://wiki.apache.org/couchdb/Security_Features_Overview#Authorization
> >
> > B.
> >
> > On 6 March 2013 12:33, Mark Hahn <mark@hahnca.com> wrote:
> > > Anyone logged in can read any document in the DB.  I have to check each
> > > user and what they are trying to do to block illegal actions.
> > >
> > >
> > > On Wed, Mar 6, 2013 at 9:51 AM, Robert Newson <rnewson@apache.org>
> > wrote:
> > >
> > >> "How does everyone solve the security issue?"
> > >>
> > >> What security problem? Only administrators can modify design documents.
> > >>
> > >> B.
> > >>
> > >> On 6 March 2013 11:38, Aurélien Bénel <aurelien.benel@utt.fr> wrote:
> > >> > Hi,
> > >> >
> > >> >> just out of curiosity, would like to hear how CouchDB is being
used
> > in
> > >> your web environment....
> > >> >
> > >> > We have two main setups:
> > >> > - CouchApps,
> > >> > - REST APIs used by heavy clients (Java or Firefox extensions) and
> > >> attached Web applications.
> > >> >
> > >> >> How does everyone solve the security issue?
> > >> >
> > >> > We always use CouchDB behind a reverse proxy to add LDAP
> > authentication
> > >> and authorization when needed.
> > >> >
> > >> >
> > >> > Regards,
> > >> >
> > >> > Aurélien
> > >>
> >
 		 	   		  
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message