You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@couchdb.apache.org by GitBox <gi...@apache.org> on 2017/12/15 17:21:53 UTC

[GitHub] kocolosk commented on issue #1041: Expire X-Auth-CouchDB-Token manually?

kocolosk commented on issue #1041: Expire X-Auth-CouchDB-Token manually?
URL: https://github.com/apache/couchdb/issues/1041#issuecomment-352062376
 
 
   This is not possible for a specific user today. The only way to invalidate a token associated with a given username is to change the value of the `[couch_httpd_auth] secret` configuration setting, but this would invalidate *all* of your tokens.
   
   The point of the token in the proxy authentication handler is to prove that the system sending the HTTP request should be trusted by CouchDB. It's specifically not intended to be a user-specific password.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services