[
https://issues.apache.org/jira/browse/COUCHDB-464?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13139840#comment-13139840
]
Jason Smith commented on COUCHDB-464:
-------------------------------------
The patch could check for either the _admin or _externals role right now.
(IIRC, roles prefixed with underscore in user documents are a validation error.)
A future step is Jan's idea to apply the _externals role to some requests that
arrive. For example:
1. When spawning an external, CouchDB generates random UUIDs for a username and
password, and passes those along as environment. Those are associated with that
child process.
2. An authentication handler checks whether query credentials match those
assigned to any externals.
3. If they match, the "_external" role is assigned. (And incidentally, the
"source" field is already known.)
(Iris Couch uses an authentication handler similar to this already. I will
donate the code if it is wanted.)
P.S. "Logging" is a privilege, whereas "an external program" is more properly a
role, in a role-based access control system. So I like "_external" as a role
name.
> Allow POST to _log for external processes
> -----------------------------------------
>
> Key: COUCHDB-464
> URL: https://issues.apache.org/jira/browse/COUCHDB-464
> Project: CouchDB
> Issue Type: New Feature
> Reporter: Robert Newson
> Fix For: 1.3
>
> Attachments: 0001-Add-POST-support-to-_log.patch,
> 0001-Add-POST-support-to-_log.patch, 0001-Add-POST-support-to-_log.patch
>
>
> Add POST support to _log so that external processes can also log to
> couch.log. This would allow couchdb-lucene (to pick a random example) to log
> consistently.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
