couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Lance Carlson <lancecarl...@gmail.com>
Subject Re: Curiosity how you use CouchDB in your web env.
Date Fri, 08 Mar 2013 03:06:39 GMT
Keep me posted on your decision. I just node in front and also hit the same
node process with background processing. Very curious about what others are
choosing any why.

On Thu, Mar 7, 2013 at 9:54 PM, Jeff Charette <iomatix@yahoo.com> wrote:

> For my use case I would like to take advantage of couches replication and
> putting something in front of couch seems it complicate that.  Also, I
> don't want couch to touch any credit information and simply like to pass
> through to a service.  Externals seems a good use case for this, but node
> in front would get the job done as well.  The more I think about it though
> I may put node in front because I have not been able to pass a POST request
> through externals.
>
> Jeff Charette | Principal
> We Are Charette
> web / identity / packaging
>
> m  415.298.2707
> w  wearecharette.com
> e   jeffrey@wearecharette.com
>
> On Mar 7, 2013, at 4:37 PM, Lance Carlson <lancecarlson@gmail.com> wrote:
>
> > Jeff,
> >
> > I just started probing at the externals API. Didn't know what it did
> > exactly and it looks cool. What are the advantages/disadvantages of using
> > that vs using something node as a proxy to couch?
> >
> > On Thu, Mar 7, 2013 at 12:54 PM, Tim Anderson <timatbeat@gmail.com>
> wrote:
> >
> >> Anybody using couchdb as data layer with Grails?
> >>
> >>
> >> On Thu, Mar 7, 2013 at 11:38 AM, Jeff Charette <iomatix@yahoo.com>
> wrote:
> >>
> >>> I use pure couchapps backed by node processes for transactions.
> >>> I use kanso to manage my couchapps.  May switch to just grunt and
> manage
> >>> packages on npm.
> >>>
> >>> For security everything goes through rewrites then design doc shows,
> >>> lists, updates.  This messes up my ability to upload attachments since
> I
> >>> need secure_rewrites.  I am currently working through the database per
> >> user
> >>> setup as well.
> >>>
> >>> Also would love to hear how people are using externals.  I am passing
> >>> transactions request directly to externals then to node, but have only
> >> been
> >>> able to do GET request.  Finally, I set the state of a document on
> couch
> >>> when the node process is complete.  I do have a question of how people
> >> are
> >>> authenticating back to couchdb.  Is the AuthSession cookie enough?
> >>>
> >>> Jeff Charette | Principal
> >>> We Are Charette
> >>> web / identity / packaging
> >>>
> >>> m  415.298.2707
> >>> w  wearecharette.com
> >>> e   jeffrey@wearecharette.com
> >>>
> >>> On Mar 7, 2013, at 10:57 AM, svilen <az@svilendobrev.com> wrote:
> >>>
> >>>> probably, for going this way, one might use non-blocking
> >>>> long_poll webframework like python/Tornado to wrap couchdb
> >>>> replication/changes feed too. Thus something like
> >>>> http:(someuserauth)//appserver/mychannel can route to couchdb's
> >>>> changes for that database - or even aggregation - for that user even
> >>>> if notion of user is not at all couchdb's one.
> >>>> haven't tried it though.
> >>>>
> >>>> On Fri, 8 Mar 2013 00:47:38 +0900
> >>>> TAE JIN KIM <snowebang@hotmail.com> wrote:
> >>>>
> >>>>> Daniel,
> >>>>>
> >>>>> So basically, what you r saying is that you put application layer
in
> >>>>> front of couch, so user no direct access to the couch.. Right?..I
> >>>>> think you did pretty much similar thing #2 in my original post...
> >>>>> BTW, just out of curiosity,  by doing this, any performance
> >>>>> degradation / or any trouble stuff you may have to face with
> >>>>> something you might had not expected at all ?...
> >>>>>
> >>>>> Thanks,
> >>>>>
> >>>>>> From: gonvaled@gonvaled.com
> >>>>>> Date: Thu, 7 Mar 2013 16:37:36 +0100
> >>>>>> Subject: Re: Curiosity how you use CouchDB in your web env.
> >>>>>> To: user@couchdb.apache.org
> >>>>>>
> >>>>>> Well, if things were always so easy!
> >>>>>>
> >>>>>> We have this scenario: our webapp has to server data to different
> >>>>>> organizations (hopefully thousands, if our product sells well).
> >>>>>> That means we can not partition data in different databases:
it
> >>>>>> would be a maintenance nightmare. can somebody tell me how to:
> >>>>>>
> >>>>>>  - upgrade the design docs in 1000 databases without going crazy?
> >>>>>>  - How to backup them?
> >>>>>>  - ...
> >>>>>>
> >>>>>> I mean, the more databases you have, the more complicated
> >>>>>> maintenance becomes. Maybe that can be automated, but it is
not
> >>>>>> easy out of the box.
> >>>>>>
> >>>>>> Besides, I do not want to implement the following:
> >>>>>>
> >>>>>>  - new organization signs-up
> >>>>>>  - we create a new database for it
> >>>>>>  - we upload the design documens
> >>>>>>  - we trigger those documents
> >>>>>>
> >>>>>> I mean, it is probably doable, but I am not walking that path
right
> >>>>>> now. So, the only way that I know of in which we can partition
the
> >>>>>> data is by having an application server in front of couch: a
single
> >>>>>> database for all customers, with access control implemented
via
> >>>>>> view filtering with the org_id as key. The user has no direct
> >>>>>> access to couch.
> >>>>>>
> >>>>>> On Wed, Mar 6, 2013 at 7:42 PM, Robert Newson <rnewson@apache.org>
> >>>>>> wrote:
> >>>>>>
> >>>>>>> Don't grant users access to databases you don't want them
to
> >>>>>>> read. :)
> >>>>>>>
> >>>>>>>
> >>>
> http://wiki.apache.org/couchdb/Security_Features_Overview#Authorization
> >>>>>>>
> >>>>>>> B.
> >>>>>>>
> >>>>>>> On 6 March 2013 12:33, Mark Hahn <mark@hahnca.com>
wrote:
> >>>>>>>> Anyone logged in can read any document in the DB.  I
have to
> >>>>>>>> check each user and what they are trying to do to block
illegal
> >>>>>>>> actions.
> >>>>>>>>
> >>>>>>>>
> >>>>>>>> On Wed, Mar 6, 2013 at 9:51 AM, Robert Newson
> >>>>>>>> <rnewson@apache.org>
> >>>>>>> wrote:
> >>>>>>>>
> >>>>>>>>> "How does everyone solve the security issue?"
> >>>>>>>>>
> >>>>>>>>> What security problem? Only administrators can modify
design
> >>>>>>>>> documents.
> >>>>>>>>>
> >>>>>>>>> B.
> >>>>>>>>>
> >>>>>>>>> On 6 March 2013 11:38, Aurélien Bénel <aurelien.benel@utt.fr>
> >>>>>>>>> wrote:
> >>>>>>>>>> Hi,
> >>>>>>>>>>
> >>>>>>>>>>> just out of curiosity, would like to hear
how CouchDB is
> >>>>>>>>>>> being used
> >>>>>>> in
> >>>>>>>>> your web environment....
> >>>>>>>>>>
> >>>>>>>>>> We have two main setups:
> >>>>>>>>>> - CouchApps,
> >>>>>>>>>> - REST APIs used by heavy clients (Java or Firefox
> >>>>>>>>>> extensions) and
> >>>>>>>>> attached Web applications.
> >>>>>>>>>>
> >>>>>>>>>>> How does everyone solve the security issue?
> >>>>>>>>>>
> >>>>>>>>>> We always use CouchDB behind a reverse proxy
to add LDAP
> >>>>>>> authentication
> >>>>>>>>> and authorization when needed.
> >>>>>>>>>>
> >>>>>>>>>>
> >>>>>>>>>> Regards,
> >>>>>>>>>>
> >>>>>>>>>> Aurélien
> >>>>>>>>>
> >>>>>>>
> >>>>>
> >>>
> >>>
> >>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message