incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stanley Iriele <siriele...@gmail.com>
Subject Re: Securing CouchDB
Date Tue, 02 Jul 2013 05:51:57 GMT
also...how would cross database cookies work?


On Mon, Jul 1, 2013 at 10:42 PM, Stanley Iriele <siriele2x3@gmail.com>wrote:

> Hello all,
>
> I have a bit of a conundrum that has been racking my brain. I want to use
> CouchDB to serve out a website. I was planning on offloading any strange
> work to the proxy daemons that I set up but my issue is this has 2 points.
> Security and scaling
>
> I have require_valid_user turned so every request forces a 401. so a new
> user who has no credentials will see that instead of a login page. I can't
> turn require valid user off because access to global handlers can crash the
> database.. for example a call to _uuids?count=336736738683673 will crash
> the CouchDB. I have rewrite handlers in place but I feel like that is not
> safe enough Is there something I am missing?
>
> Secondly If i wanted to have a fan of couchapps Servers so...Identical but
> they run on different machines ...how well does that work? I know its a bit
> of a strange question but I'm racking my brain on this one
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message