incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jan Wedekind <>
Subject Re: to CouchApp or not to CouchApp
Date Thu, 04 Aug 2011 15:56:26 GMT
On Thu, Aug 4, 2011 at 17:23, Sam Bisbee <> wrote:

> >> All of that being said, there should be a checklist of steps to lock
> >> CouchDB down. If no one has seen one floating around the Web yet, then
> >> I'll start putting one together.
> >>
> >
> > That would be really helpful, at least I can't find anything
> comprehensive
> > on the whole topic and the more I read, the more confused I get.
> I smell a blog post. :)

*sniffsniffsniff* :)

> > But with Couch alone, I still need to submit username:password in
> cleartext
> > - at least once if I do cookie authentication. Or am I missing something?
> CouchDB supports SSL as of 1.1.0:

We are running Couchbase for now (cos we wanted Geocouch easier). But yes, I
read that and was happy to see it.

> >> Or Max's suggestion of proxying through a web server.(...)
> These should be a good start:
Thanks! Stumbled across the first one two and we are essentially doing
something like that now.

I think my main confusion stemmed from the fact that Couch is well capable
of serving stuff on its own and at scale - and that i didn't needed a middle
layer to talk to the database. So adding another web server in between felt
weirdly contradictory. But then again, just for load balancing alone you
eventually need something in between anyway.



  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message