incubator-couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Benoit Chesneau (JIRA)" <j...@apache.org>
Subject [jira] Updated: (COUCHDB-636) proxy authentification handler
Date Tue, 02 Feb 2010 18:28:18 GMT

     [ https://issues.apache.org/jira/browse/COUCHDB-636?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Benoit Chesneau updated COUCHDB-636:
------------------------------------

    Attachment: proxyauth2.patch

new patch that makes secret key use optional. 

If value of proxy_use_secret key in couch_httpd_auth section of ini isn't true the secret
key isn't use.

> proxy authentification handler
> ------------------------------
>
>                 Key: COUCHDB-636
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-636
>             Project: CouchDB
>          Issue Type: Improvement
>    Affects Versions: 0.11, 0.12
>            Reporter: Benoit Chesneau
>         Attachments: proxyauth.diff, proxyauth2.patch
>
>
> Find attached a patch that add a proxy authentification handler to couch_httpd_auth.

> This handler allows creation of a userCtx objec from a user authenticated remotly. The
client just pass specific headers to CouchDB and the handler create the userCtx. Headers 
name can be defined in local.ini. By thefault they are :
> * X-Auth-CouchDB-UserName : username, (x_auth_username in couch_httpd_auth section)
> * X-Auth-CouchDB-Roles :  user roles, list of roles separated by a comma (x_auth_roles
in couch_httpd_auth section)
> * X-Auth-CouchDB-Token : token to authenticate the authorization (x_auth_token in couch_httpd_auth
section). This token is an hmac-sha1 created from secret key and username. The secret key
should be the same in the client and couchdb node. secret key is the secret key in couch_httpd_auth
section of ini. This token is optional if secret key isn't defined.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message