Victor, If you serve CouchDB directly, or just proxy CouchDB via a web server, you're gonna need to read up on the CouchDB security model and consider whether it fits your application.
This should get you started: http://guide.couchdb.org/draft/security.html http://is.gd/gQ3XO http://www.youtube.com/watch?v=oHKvV3Nh-CI The main 'gotcha' with CouchDB's security model is that a user can either access all or none of the resources for any particular database. Consider what types of data can be accessed anonymously, by a particular user or by a role shared by multiple users. You may need to place documents in different databases depending on who may access them. Perhaps you could explain more of your scenario. Cheers, Zach On Mon, Nov 8, 2010 at 8:53 AM, Victor Stan <[email protected]> wrote: > Hello, > > I've been considering methods of accessing CouchDB directly from the > browser, and one method seems to be using Apache or NginX as a reverse > proxy for CouchDB. > > If there are people with experience in that area in this forum, could > you please share some of the gotchas when it comes to securing access > to the database; as it seems to me that by removing the server side > scripts, a security layer is also removed... > > Cheers, > Victor Stan >
