On Sat, May 10, 2008 at 7:36 PM, Christopher Lenz <[EMAIL PROTECTED]> wrote: > On 10.05.2008, at 17:53, Damien Katz wrote: >> >> On May 10, 2008, at 11:35 AM, Christopher Lenz wrote: >>> >>> As far as I know, the proxy will keep the auth info to itself, and the >>> request will look like a standard anonymous request to CouchDB. I *think* if >>> we don't implement authentication, we can not implement >>> authorization/security for document validation. >> >> Well, I don't know the details of authenticating proxies, but if the user >> provides credentials in the HTTP header, and the proxy server validates it >> and passes it on, then CouchDB would just use the same credentials with the >> assumption they are authenticated because the HTTP server validated it. But >> maybe this isn't possible for reasons I don't know about. > > I made a test with Apache/mod_proxy with Digest auth, and it does seem to > pass through the auth credentials (username, realm, etc) via the > Authorization header. So this should hopefully work in general, sorry for > the noise :P > > Cheers, > -- > Christopher Lenz > cmlenz at gmx.de > http://www.cmlenz.net/ > >
the same with nginx or squid :) -- - benoƮt
