[
https://issues.apache.org/jira/browse/COUCHDB-2452?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14205654#comment-14205654
]
ASF subversion and git services commented on COUCHDB-2452:
----------------------------------------------------------
Commit adc98eac80fbf1fb1296165d7c691829801e28e7 in couchdb-chttpd's branch
refs/heads/2452-users-db-security-on-clustered-interface from [~mikewallace]
[ https://git-wip-us.apache.org/repos/asf?p=couchdb-chttpd.git;h=adc98ea ]
Pass user context to ddoc_cache
Only administrators should be able to read design documents in
the authentication DB. When the auth DB is on the clustered
interface design documents are handled by ddoc_cache so it needs
to be given the user context.
COUCHDB-2452 3/?
> Provide _users DB security when _users DB is on the clustered interface
> -----------------------------------------------------------------------
>
> Key: COUCHDB-2452
> URL: https://issues.apache.org/jira/browse/COUCHDB-2452
> Project: CouchDB
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: Database Core
> Reporter: Mike Wallace
>
> The authentication DB (default name _users) has special security semantics
> which are currently only supported on the admin port (default 5986). Since we
> support using the _users DB on the clustered port we should also ensure the
> same security semantics apply there.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
