Dear Wiki user, You have subscribed to a wiki page or wiki category on "Couchdb Wiki" for change notification.
The "Security_Features_Overview" page has been changed by PasiEronen. http://wiki.apache.org/couchdb/Security_Features_Overview?action=diff&rev1=23&rev2=24 -------------------------------------------------- All these rules regarding authentication database documents are enforced by the validate document update function stored in the design document with ID "_design/_auth" found in the authentication database (it is automatically created by CouchDB). === Generating password_sha === - `password_sha` can be generated a number of different ways. OpenSSL's `sha` and `sha1` functions are not compatible. Below are some methods that work: + `password_sha` can be generated a number of different ways. Below are some methods that work: + + OpenSSL command line tool + {{{ + $ echo -n "foobar" | openssl sha1 + 8843d7f92416211de9ebb963ff4ce28125932878 + }}} Erlang @@ -155, +161 @@ String digested = digester.digest("foobar").toLowerCase(); // 8843d7f92416211de9ebb963ff4ce28125932878 }}} ==== Salt and Password Generator ==== + + This Perl script expects a password on STDIN or as its first parameter, and an optional salt as its second parameter. If no salt is provided, a random one will be selected. The salt and password_sha are printed on STDOUT. @@ -195, +203 @@ my $password_sha = sha1($password,$salt); print "password_sha = ".unpack('H*',$password_sha)."\n"; }}} + + OpenSSL command line version: + + {{{ + $ SALT=`openssl rand 16 | openssl md5' + $ echo salt=$SALT + salt=b7774c617642099bbe6233e9ee08a8eb + $ echo -n "foobar$SALT" | openssl sha1 + b79393894929362b5ba006ce210467fec5bae9ef + }}} + + == Document Update Validation == See [[Document_Update_Validation]].
