On Jul 16, 2010, at 4:49 PM, Chris Dawson wrote: > I want to run a couchdb node which allows public read access so that > replication can occur but then protect writes behind an application server. > Should I set up a firewall or proxy rule that disallows anything but GETs on > the public IP and then have an application server running on the localhost > interface which has full HTTP verbs allowed? Or is there another topology I > should consider? >
best is set up a validation function so that writes are only allowed by users with a certain role, then you can give that role to your app server's user. (or maybe even skip the app server altogether and write the rest as a couchapp, but that's another story). http://books.couchdb.org/relax/design-documents/validation-functions > Thanks > Chris > > Chris Dawson > 971-533-8335
