[
https://issues.apache.org/jira/browse/COUCHDB-263?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12721435#action_12721435
]
Damien Katz commented on COUCHDB-263:
-------------------------------------
hmmm, on second thought, we do need this both as a server wide setting and at
the database level.
However, this check and throwing exceptions for authenticated users should not
be done in the authentication function, but by the caller of the auth function,
so the setting works with all auth handlers.
Also, it would be nice to have a more complete solution with more settings:
allowed users, disallowed users and allow anonymous
> require valid user for all database operations
> ----------------------------------------------
>
> Key: COUCHDB-263
> URL: https://issues.apache.org/jira/browse/COUCHDB-263
> Project: CouchDB
> Issue Type: Improvement
> Components: HTTP Interface
> Affects Versions: 0.9
> Environment: All platforms.
> Reporter: Jack Moffitt
> Priority: Minor
> Attachments: couchauth.diff
>
>
> Admin accounts currently restrict a few operations, but leave all other
> operations completely open. Many use cases will require all operations to be
> authenticated. This can certainly be done by overriding the
> default_authentication_handler, but I think this very common use case can be
> handled in default_authentication_handler without increasing the complexity
> much.
> Attached is a patch which adds a new config option, "require_valid_user",
> which restricts all operations to authenticated users only. Since CouchDB
> currently only has admins, this means that all operations are restricted to
> admins. In a future CouchDB where there are also normal users, the intention
> is that this would let them pass through as well.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
