[
https://issues.apache.org/jira/browse/COUCHDB-2452?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14212707#comment-14212707
]
ASF subversion and git services commented on COUCHDB-2452:
----------------------------------------------------------
Commit cad071cc0b5018bfd355ef49de8941e2d545900a in couchdb-couch's branch
refs/heads/2452-users-db-security-on-clustered-interface from [~mikewallace]
[ https://git-wip-us.apache.org/repos/asf?p=couchdb-couch.git;h=cad071c ]
Add _users DB callbacks when opening _users shards
The check to determine whether to add the callback functions for
_users DB operations was only checking the raw database name. When
using the authentication DB on the clustered database this meant
that this check would fail and the callbacks would not be added.
This commit checks the DB name (rather than the shard name) against
the value of chttpd_auth/authentication_db so that shards for
clustered authentication DBs have the appropriate callbacks added.
COUCHDB-2452 1/3
> Provide _users DB security when _users DB is on the clustered interface
> -----------------------------------------------------------------------
>
> Key: COUCHDB-2452
> URL: https://issues.apache.org/jira/browse/COUCHDB-2452
> Project: CouchDB
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: Database Core
> Reporter: Mike Wallace
>
> The authentication DB (default name _users) has special security semantics
> which are currently only supported on the admin port (default 5986). Since we
> support using the _users DB on the clustered port we should also ensure the
> same security semantics apply there.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
