Re: Accessing Standalone Application's Login Page on a Secured Database

[JRad <be...@gmail.com>]

Dear Chris,
I've set  *require_valid_user=true* and  *authentication_redirect* is set to
default by couchdb, but no redirection happens.
A basic authentication pop up shows as before! I've tested once with *
WWW-Authenticate* disabled and once set to default!
Would you please clarify the correct configuration for us to enable the
login page!?



On Thu, Jun 24, 2010 at 11:47 PM, afshin afzali <a....@gmail.com>wrote:

>
>
> ---------- Forwarded message ----------
> From: J Chris Anderson <jc...@gmail.com>
> Date: Thu, Jun 24, 2010 at 9:01 PM
> Subject: Re: Accessing Standalone Application's Login Page on a Secured
> Database
> To: user@couchdb.apache.org
>
>
>
> On Jun 24, 2010, at 9:28 AM, afshin afzali wrote:
>
> > Hi Guys,
> >
> > Assume there is a secured CouchDB's database (has readers / admins /
> roles)
> > which also equipped with a standalone application. The application has
> its
> > own login page which can get user's credentials and issue cookie
> > authentication. So how user can get access to login page when there is
> not
> > any authentication cookie.
>
> I just fixed this in trunk, by adding a login page that anonymous users are
> redirected to, where they must signup or login before being sent back to the
> original URL.
>
> > If we set the require_valid_user to false,
> > anonymous can gets access to _design document? If yes what about to other
> > docs in database ? anonymous can reads all our docs?
> >
>
> Yes, anyone who can ready any doc in the database can read all the docs in
> the database, including design docs.
>
> Chris
>
> > Best,
> > -- afshin
>
>
>

-- 
Behrad