incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Victor Stan <victor.s...@gmail.com>
Subject Re: CouchDB behind apache reverse proxy
Date Mon, 08 Nov 2010 18:00:24 GMT
Thanks for the resources, I will take a look...

I need to:

- have anonymous writes to the database, from the browser (can couchDB
validate content before storing it?)
- anonymous reads of only specific views, is there a way to limit
reads of only specific views? Perhaps through Apache R-Proxying?

Cheers,
Victor Stan



On Mon, Nov 8, 2010 at 11:32 AM, Zachary Zolton
<zachary.zolton@gmail.com> wrote:
> Victor,
>
> If you serve CouchDB directly, or just proxy CouchDB via a web server,
> you're gonna need to read up on the CouchDB security model and
> consider whether it fits your application.
>
> This should get you started:
> http://guide.couchdb.org/draft/security.html
> http://is.gd/gQ3XO
> http://www.youtube.com/watch?v=oHKvV3Nh-CI
>
> The main 'gotcha' with CouchDB's security model is that a user can
> either access all or none of the resources for any particular
> database. Consider what types of data can be accessed anonymously, by
> a particular user or by a role shared by multiple users. You may need
> to place documents in different databases depending on who may access
> them.
>
> Perhaps you could explain more of your scenario.
>
>
> Cheers,
>
> Zach
>
> On Mon, Nov 8, 2010 at 8:53 AM, Victor Stan <victor.stan@gmail.com> wrote:
>> Hello,
>>
>> I've been considering methods of accessing CouchDB directly from the
>> browser, and one method seems to be using Apache or NginX as a reverse
>> proxy for CouchDB.
>>
>> If there are people with experience in that area in this forum, could
>> you please share some of the gotchas when it comes to securing access
>> to the database; as it seems to me that by removing the server side
>> scripts, a security layer is also removed...
>>
>> Cheers,
>> Victor Stan
>>
>

Mime
View raw message