[COUCHDB-263] require valid user for all database operations - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Blocker
Resolution: Fixed
Affects Version/s: 0.9
Fix Version/s: 0.10
Component/s: HTTP Interface
Labels:
None
Environment:

All platforms.

Description

Admin accounts currently restrict a few operations, but leave all other operations completely open. Many use cases will require all operations to be authenticated. This can certainly be done by overriding the default_authentication_handler, but I think this very common use case can be handled in default_authentication_handler without increasing the complexity much.

Attached is a patch which adds a new config option, "require_valid_user", which restricts all operations to authenticated users only. Since CouchDB currently only has admins, this means that all operations are restricted to admins. In a future CouchDB where there are also normal users, the intention is that this would let them pass through as well.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

couchauth.diff
20/Feb/09 22:51
1 kB
Jack Moffitt

Activity

People

Assignee:: Unassigned

Reporter:: Jack Moffitt

Votes:: 1 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 20/Feb/09 22:50

Updated:: 12/Aug/09 00:37

Resolved:: 12/Aug/09 00:37