Anyone logged in can read any document in the DB. I have to check each user and what they are trying to do to block illegal actions.
On Wed, Mar 6, 2013 at 9:51 AM, Robert Newson <rnew...@apache.org> wrote: > "How does everyone solve the security issue?" > > What security problem? Only administrators can modify design documents. > > B. > > On 6 March 2013 11:38, Aurélien Bénel <aurelien.be...@utt.fr> wrote: > > Hi, > > > >> just out of curiosity, would like to hear how CouchDB is being used in > your web environment.... > > > > We have two main setups: > > - CouchApps, > > - REST APIs used by heavy clients (Java or Firefox extensions) and > attached Web applications. > > > >> How does everyone solve the security issue? > > > > We always use CouchDB behind a reverse proxy to add LDAP authentication > and authorization when needed. > > > > > > Regards, > > > > Aurélien >
