couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Daniel Gonzalez <gonva...@gonvaled.com>
Subject Re: Curiosity how you use CouchDB in your web env.
Date Thu, 07 Mar 2013 16:02:24 GMT
Several things:

   - merging data is complicated. If your view does not provide the *exact*
   data that your user needs to see, you will have trouble. For example, let's
   say you have a list of events, and a list of contacts. Each event
   corresponds to a given contact, but the name of the contact is not in the
   event, just a refernce to it (because you want the user to edit the
   contacts, and you do not want to modify all events when the contact has
   been edited). So, to show the full data to the user you have to merge
   events with contacts.
   - serving those events in real time is difficult: you need to listen to
   _changes in different databases, merge them, paginate in your application,
   cache the result, and notify the client (via websocket for example).
   Nooooot easy.
   - maintenance in couchdb is difficult. Have you ever tried to correct a
   problem in 1 million documents? Just finding the documents with problems is
   a daunting task. (the same would apply to other databases, probably)

On the other hand, view access is very fast (once indexed), and replication
is very useful.

On Thu, Mar 7, 2013 at 4:47 PM, TAE JIN KIM <snowebang@hotmail.com> wrote:

> Daniel,
>
> So basically, what you r saying is that you put application layer in front
> of couch, so user no direct access to the couch..
> Right?..I think you did pretty much similar thing #2 in my original post...
> BTW, just out of curiosity,  by doing this, any performance degradation /
> or any trouble stuff you may have to face with something you might had not
> expected at all ?...
>
> Thanks,
>
> > From: gonvaled@gonvaled.com
> > Date: Thu, 7 Mar 2013 16:37:36 +0100
> > Subject: Re: Curiosity how you use CouchDB in your web env.
> > To: user@couchdb.apache.org
> >
> > Well, if things were always so easy!
> >
> > We have this scenario: our webapp has to server data to different
> > organizations (hopefully thousands, if our product sells well). That
> means
> > we can not partition data in different databases: it would be a
> maintenance
> > nightmare. can somebody tell me how to:
> >
> >    - upgrade the design docs in 1000 databases without going crazy?
> >    - How to backup them?
> >    - ...
> >
> > I mean, the more databases you have, the more complicated maintenance
> > becomes. Maybe that can be automated, but it is not easy out of the box.
> >
> > Besides, I do not want to implement the following:
> >
> >    - new organization signs-up
> >    - we create a new database for it
> >    - we upload the design documens
> >    - we trigger those documents
> >
> > I mean, it is probably doable, but I am not walking that path right now.
> > So, the only way that I know of in which we can partition the data is by
> > having an application server in front of couch: a single database for all
> > customers, with access control implemented via view filtering with the
> > org_id as key. The user has no direct access to couch.
> >
> > On Wed, Mar 6, 2013 at 7:42 PM, Robert Newson <rnewson@apache.org>
> wrote:
> >
> > > Don't grant users access to databases you don't want them to read. :)
> > >
> > >
> http://wiki.apache.org/couchdb/Security_Features_Overview#Authorization
> > >
> > > B.
> > >
> > > On 6 March 2013 12:33, Mark Hahn <mark@hahnca.com> wrote:
> > > > Anyone logged in can read any document in the DB.  I have to check
> each
> > > > user and what they are trying to do to block illegal actions.
> > > >
> > > >
> > > > On Wed, Mar 6, 2013 at 9:51 AM, Robert Newson <rnewson@apache.org>
> > > wrote:
> > > >
> > > >> "How does everyone solve the security issue?"
> > > >>
> > > >> What security problem? Only administrators can modify design
> documents.
> > > >>
> > > >> B.
> > > >>
> > > >> On 6 March 2013 11:38, Aurélien Bénel <aurelien.benel@utt.fr>
> wrote:
> > > >> > Hi,
> > > >> >
> > > >> >> just out of curiosity, would like to hear how CouchDB is
being
> used
> > > in
> > > >> your web environment....
> > > >> >
> > > >> > We have two main setups:
> > > >> > - CouchApps,
> > > >> > - REST APIs used by heavy clients (Java or Firefox extensions)
and
> > > >> attached Web applications.
> > > >> >
> > > >> >> How does everyone solve the security issue?
> > > >> >
> > > >> > We always use CouchDB behind a reverse proxy to add LDAP
> > > authentication
> > > >> and authorization when needed.
> > > >> >
> > > >> >
> > > >> > Regards,
> > > >> >
> > > >> > Aurélien
> > > >>
> > >
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message