couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dilushan Delgoda <ddilus...@gmail.com>
Subject Re: Bind to localhost without require valid user
Date Mon, 29 Jul 2019 13:11:12 GMT
Hi.

Thank you very much for your reply.

I'm trying to replicate a database by putting a document to _replicator.
And when i set source and target "http://admin:password@localhost:5984/db"
like this replication happening without any issue. But when i try without
putting username and password "http://localhost:5984/db" replication not
happening. Is there workaround to solve this? I don't want to put password
in replication doc. And source, target and _replicator in same couchdb
instance.

This is because even a db user with view access can then log in and see the
admin password which would compromise security.

Best regards

On Mon, Jul 29, 2019 at 3:19 PM Matteo Guadrini <matteo.guadrini@hotmail.it>
wrote:

> I don't think we can do ... because, network traffic at a much lower level
> than the application.
> The CouchDB server (frontend) sees GET / PUT / POST coming from a certain
> ip. At this point, he asks the database specified in the url for the
> request and the server itself will verify the security.
> But there is no TCP / IP control at this level. Rather, you could make two
> servers, the first one responding only to localhost in AdminParty and the
> second with the user and password and in bind on a private / public ip. The
> second will receive the db in reply from the first.
> It could be an idea...
>
> Matteo Guadrini
>
> ________________________________
> Da: Dilushan Delgoda <ddilushan@gmail.com>
> Inviato: lunedì 29 luglio 2019 10:29
> A: user@couchdb.apache.org <user@couchdb.apache.org>
> Oggetto: Bind to localhost without require valid user
>
> Is it possible to bind Couchdb to localhost without require valid user and
> all other interfaces with require valid user setting. So when application
> access through localhost that applications doesn't require username
> password to Couchdb and applications access from external interfaces
> require username password.
>
> --
> Regards,
> Dilushan Delgoda
>


-- 
Regards,
Dilushan Delgoda

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message