Thanks Unfortunately, apache mod_auth is not an option with me because my requirements are to provide security in depth and since Couchdb still exposes its rest interfaces independent of Apache, I need to lock that down in a more integration architecture.
Cheers su./hail On Mon, Oct 19, 2009 at 1:13 PM, Miles Fidelman <[email protected]>wrote: > Suhail Ahmed wrote: > >> Hi, >> >> I am looking to replacing my existing content management engine with >> couchdb. In order to do this properly, I would have to lock down the >> couchdb >> REST interface using OpenSSO. I would be much obliged if anyone could >> point >> out how I should go about it. There are a number of ways OpenSSO can be >> integrated, RPC/REST, SOAP, Native Java API etc. In my current system, >> both >> authentication and authorization is performed against OpenSSO (the reason >> being that the system consists of more than just the content management >> engine) centrally. >> Where would I go about plugging in OpenSSO? Should I do it at the Erlang >> layer? The couchdb layer or the mochiweb layer? >> >> > If you're running behind Apache, I'd suggest using one of the mod_auth > modules, that's what they're for. > > > -- > In theory, there is no difference between theory and practice. > In practice, there is. .... Yogi Berra > > >
