[
https://issues.apache.org/jira/browse/COUCHDB-2452?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14205656#comment-14205656
]
ASF subversion and git services commented on COUCHDB-2452:
----------------------------------------------------------
Commit 569b00f301232a4b4ce2e038ef5bdf92c3b52079 in couchdb-chttpd's branch
refs/heads/2452-users-db-security-on-clustered-interface from [~mikewallace]
[ https://git-wip-us.apache.org/repos/asf?p=couchdb-chttpd.git;h=569b00f ]
Only admins access _users _all_docs on 5984
When couch_httpd_auth/users_db_public is set to false and the
_users DB is on the admin interface (5986) only admins can read
the _all_docs view.
This commit creates the same behaviour on the clustered interface
(5984) when chttpd_auth/users_db_public is set to false.
COUCHDB-2452 5/?
> Provide _users DB security when _users DB is on the clustered interface
> -----------------------------------------------------------------------
>
> Key: COUCHDB-2452
> URL: https://issues.apache.org/jira/browse/COUCHDB-2452
> Project: CouchDB
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: Database Core
> Reporter: Mike Wallace
>
> The authentication DB (default name _users) has special security semantics
> which are currently only supported on the admin port (default 5986). Since we
> support using the _users DB on the clustered port we should also ensure the
> same security semantics apply there.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
