incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Wout Mertens <wout.mert...@gmail.com>
Subject Re: Best performing login implementation?
Date Mon, 06 Sep 2010 15:50:40 GMT
On Sep 6, 2010, at 17:24 , J Chris Anderson wrote:

> Also it is worth noting that CouchDB has a builtin authentication system that gets this
right, and you might just be able to piggyback on it, depending on your application:
> 
> http://blog.couch.io/post/1027100082/whats-new-in-couchdb-1-0-part-4-securityn-stuff

So the security model is:
- Admins can do everything on all local databases
- Readers can read the entire database
- Writes can have any model you like with validation functions

So if you want to segment your database readers you have to segment your databases.

Furthermore, if you would like to use LDAP authentication, you'd have to use an LDAP-to-OAuth
server.

Correct?

Wout.
Mime
View raw message