incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marcello Nuccio <marcello.nuc...@gmail.com>
Subject Re: to CouchApp or not to CouchApp
Date Tue, 16 Aug 2011 09:31:35 GMT
> Things to think about regarding CouchDB security:
>
> * Authentication: basic, cookie, BrowserID, http vs. https
> * Users
> * Roles
> * Database security objects
> * validate_doc_update() functions in each database
>
> I am pretty sure that is exhaustive. The best starting point to learn
> about CouchDB security is the "Definitive Guide" book.

Thank you for audit_couchdb, Jason. It's a very useful tool.

The missing piece for me is the ability to require authentication for
read access to a couchapp, in a browser friendly way [1].

Unfortunately (for me) this looks like a very rare use-case, so it
does not raise much interest... I hope to learn some Erlang soon, to
contribute to this issue...

[1] https://issues.apache.org/jira/browse/COUCHDB-1175

Mime
View raw message