Works as intended. You can easily verify this with Wireshark. Jason Winshell <[email protected]> wrote: >Hi folks, > >I need to replicate between a master and backup database in a >high-security environment. Replication, like any interaction with the >database must be authenticated. Both Couch instances are fronted by an >SSL-proxy. There is no remote access to the http API (i.e. port 5984) >without going through the proxy. Couch native SSL support is a no-go >because the Erlang-based SSL support is verifiably buggy. The >implementation must be fully vetted, complete and reliable for this >high-security environment. Replication between instances requires that >the backup instance pull data from the master with an authenticated >URL. I found I was able to get replication working by constructing a >database URL of the form https://user:password/mydatabase. I need to >verify and be sure of a couple things (1) Couch passes authentication >in HTTP headers and in no way passes the user:password as part of the >URL. This is per the RFC spec for HTTP Basic (or Cookie) authentication >(2) the user:password would never be exposed to user other than the >server administrator on the backup. AFAIK, #1 is true, but I need to be >absolutely sure. > >By the way, I'm using CouchDB on Windows OS. > >Can folks give me their thoughts on this? > >Thanks > >Jason
-- Sent from Kaiten Mail. Please excuse my brevity.
