couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Benoit Chesneau <bchesn...@gmail.com>
Subject [patch] proxy authentificationn handler
Date Tue, 02 Feb 2010 14:57:50 GMT
Hi all,

I've just pushed on jira my proxy authentification handler. This code
is used behind aimpl.org and works well.

https://issues.apache.org/jira/browse/COUCHDB-636

This handler allows creation of a userCtx objec from a user
authenticated remotly. The client just pass specific headers to
CouchDB and the handler create the userCtx. Headers name can be
defined in local.ini. By thefault they are :

* X-Auth-CouchDB-UserName : username, (x_auth_username in
couch_httpd_auth section)
* X-Auth-CouchDB-Roles : user roles, list of roles separated by a
comma (x_auth_roles in couch_httpd_auth section)
* X-Auth-CouchDB-Token : token to authenticate the authorization
(x_auth_token in couch_httpd_auth section). This token is an hmac-sha1
created from secret key and username. The secret key should be the
same in the client and couchdb node. secret key is the secret key in
couch_httpd_auth section of ini. This token is optional if secret key
isn't defined.

What do you think about including it in 0.11 ?

- benoƮt

Mime
View raw message