Details

    • Type: Improvement Improvement
    • Status: Open
    • Priority: Major Major
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: None
    • Labels:
      None
    • Skill Level:
      Regular Contributors Level (Easy to Medium)

      Description

      As it has been discussed in the @dev mailing list, CouchDB should be configurable to use customizable password storage/hashing schemes.
      Brian Candler suggested the support for the OpenLDAP schemes for example.

      From the Auth roadmap mail chain:

      "1) Extensible password storage.

      Thanks Brian Candler for the links to the OpenLDAP style of storage. I
      think we should do this asap so we don't have to worry about backwards
      compatibility with the current storage mechanism until the end of
      time. The relevant message:
      http://permalink.gmane.org/gmane.comp.db.couchdb.devel/7588"

        Activity

        Filipe Manana created issue -
        Hide
        Filipe Manana added a comment -

        The following patch adds support for an extensible password storage scheme, and it implements also 4 of the OpenLDAP passwords storage schemes.
        The relevant excerpt of config.ini file is:

        [couch_httpd_auth]
        password_hash_scheme = hashed ; default scheme to use when hashing passwords
        password_validators =

        {couch_httpd_auth, couch_validate_password}

        ,

        {couch_httpd_auth, openldap_validate_password}

        [password_hash_creators]
        ; scheme =

        {module, function}

        hashed =

        {couch_httpd_auth, couch_hash_password} {SSHA}

        =

        {couch_httpd_auth, openldap_hash_password} {SHA} = {couch_httpd_auth, openldap_hash_password} {SMD5}

        =

        {couch_httpd_auth, openldap_hash_password} {MD5} = {couch_httpd_auth, openldap_hash_password}
        Show
        Filipe Manana added a comment - The following patch adds support for an extensible password storage scheme, and it implements also 4 of the OpenLDAP passwords storage schemes. The relevant excerpt of config.ini file is: [couch_httpd_auth] password_hash_scheme = hashed ; default scheme to use when hashing passwords password_validators = {couch_httpd_auth, couch_validate_password} , {couch_httpd_auth, openldap_validate_password} [password_hash_creators] ; scheme = {module, function} hashed = {couch_httpd_auth, couch_hash_password} {SSHA} = {couch_httpd_auth, openldap_hash_password} {SHA} = {couch_httpd_auth, openldap_hash_password} {SMD5} = {couch_httpd_auth, openldap_hash_password} {MD5} = {couch_httpd_auth, openldap_hash_password}
        Filipe Manana made changes -
        Field Original Value New Value
        Attachment couchdb-extensible-passwd-storage-trunk.patch [ 12435785 ]
        Noah Slater made changes -
        Fix Version/s 0.12 [ 12314314 ]
        Fix Version/s 0.11 [ 12313841 ]
        Paul Joseph Davis made changes -
        Skill Level Regular Contributors Level (Easy to Medium)
        Jan Lehnardt made changes -
        Fix Version/s 1.2 [ 12315198 ]
        Fix Version/s 0.12 [ 12314314 ]
        Hide
        Jan Lehnardt added a comment -

        Bump to 1.3.x

        Show
        Jan Lehnardt added a comment - Bump to 1.3.x
        Jan Lehnardt made changes -
        Fix Version/s 1.3 [ 12318350 ]
        Fix Version/s 1.2 [ 12315198 ]
        Jan Lehnardt made changes -
        Fix Version/s 1.3 [ 12318350 ]

          People

          • Assignee:
            Unassigned
            Reporter:
            Filipe Manana
          • Votes:
            1 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated:

              Development