[
https://issues.apache.org/jira/browse/COUCHDB-636?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Benoit Chesneau updated COUCHDB-636:
------------------------------------
Attachment: proxyauth2.patch
new patch that makes secret key use optional.
If value of proxy_use_secret key in couch_httpd_auth section of ini isn't true
the secret key isn't use.
> proxy authentification handler
> ------------------------------
>
> Key: COUCHDB-636
> URL: https://issues.apache.org/jira/browse/COUCHDB-636
> Project: CouchDB
> Issue Type: Improvement
> Affects Versions: 0.11, 0.12
> Reporter: Benoit Chesneau
> Attachments: proxyauth.diff, proxyauth2.patch
>
>
> Find attached a patch that add a proxy authentification handler to
> couch_httpd_auth.
> This handler allows creation of a userCtx objec from a user authenticated
> remotly. The client just pass specific headers to CouchDB and the handler
> create the userCtx. Headers name can be defined in local.ini. By thefault
> they are :
> * X-Auth-CouchDB-UserName : username, (x_auth_username in couch_httpd_auth
> section)
> * X-Auth-CouchDB-Roles : user roles, list of roles separated by a comma
> (x_auth_roles in couch_httpd_auth section)
> * X-Auth-CouchDB-Token : token to authenticate the authorization
> (x_auth_token in couch_httpd_auth section). This token is an hmac-sha1
> created from secret key and username. The secret key should be the same in
> the client and couchdb node. secret key is the secret key in couch_httpd_auth
> section of ini. This token is optional if secret key isn't defined.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
