[
https://issues.apache.org/jira/browse/COUCHDB-2452?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14212705#comment-14212705
]
ASF subversion and git services commented on COUCHDB-2452:
----------------------------------------------------------
Commit 9b5406b4b6d39ec5df6d1061c270f7a90e797a67 in couchdb-chttpd's branch
refs/heads/2452-users-db-security-on-clustered-interface from [~mikewallace]
[ https://git-wip-us.apache.org/repos/asf?p=couchdb-chttpd.git;h=9b5406b ]
Only admins access _users _all_docs on 5984
When couch_httpd_auth/users_db_public is set to false and the
_users DB is on the admin interface (5986) only admins can read
the _all_docs view.
This commit creates the same behaviour on the clustered interface
(5984) when chttpd_auth/users_db_public is set to false.
Note: This duplicates code in
couch_db:maybe_add_sys_db_callbacks/2 and couch_mrview_http:all_docs/3.
COUCHDB-2452 4/5
> Provide _users DB security when _users DB is on the clustered interface
> -----------------------------------------------------------------------
>
> Key: COUCHDB-2452
> URL: https://issues.apache.org/jira/browse/COUCHDB-2452
> Project: CouchDB
> Issue Type: Improvement
> Security Level: public(Regular issues)
> Components: Database Core
> Reporter: Mike Wallace
>
> The authentication DB (default name _users) has special security semantics
> which are currently only supported on the admin port (default 5986). Since we
> support using the _users DB on the clustered port we should also ensure the
> same security semantics apply there.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
