[ https://issues.apache.org/jira/browse/COUCHDB-263?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12737097#action_12737097 ]

Jason Davies commented on COUCHDB-263:
--------------------------------------

I've absorbed this patch into my oauth branch at 
http://github.com/jasondavies/couchdb/tree/oauth .

I've modified it as follows:

1. The setting has been moved to [couch_httpd_auth] require_valid_user = true
2. The setting affects all authentication handlers instance-wide.  If none of 
them set user_ctx, then a 401 error is returned when require_valid_user = true.

> require valid user for all database operations
> ----------------------------------------------
>
>                 Key: COUCHDB-263
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-263
>             Project: CouchDB
>          Issue Type: Improvement
>          Components: HTTP Interface
>    Affects Versions: 0.9
>         Environment: All platforms.
>            Reporter: Jack Moffitt
>            Priority: Blocker
>             Fix For: 0.10
>
>         Attachments: couchauth.diff
>
>
> Admin accounts currently restrict a few operations, but leave all other 
> operations completely open.  Many use cases will require all operations to be 
> authenticated.   This can certainly be done by overriding the 
> default_authentication_handler, but I think this very common use case can be 
> handled in default_authentication_handler without increasing the complexity 
> much.
> Attached is a patch which adds a new config option, "require_valid_user", 
> which restricts all operations to authenticated users only.  Since CouchDB 
> currently only has admins, this means that all operations are restricted to 
> admins.  In a future CouchDB where there are also normal users, the intention 
> is that this would let them pass through as well.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
