You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@couchdb.apache.org by "Nathan Vander Wilt (JIRA)" <ji...@apache.org> on 2015/08/31 19:01:45 UTC

[jira] [Created] (COUCHDB-2794) Documentation not fully correct for couch_httpd_auth/secret

Nathan Vander Wilt created COUCHDB-2794:
-------------------------------------------

             Summary: Documentation not fully correct for couch_httpd_auth/secret
                 Key: COUCHDB-2794
                 URL: https://issues.apache.org/jira/browse/COUCHDB-2794
             Project: CouchDB
          Issue Type: Bug
      Security Level: public (Regular issues)
          Components: Documentation
            Reporter: Nathan Vander Wilt


The documentation for couch_httpd_auth/secret [currently states](http://docs.couchdb.org/en/latest/config/auth.html#couch_httpd_auth/secret) that the value is:

> The secret token used for Proxy Authentication method.

This does appear to be the case, but it's worth noting that AFAICT this secret is also used to sign cookie authentication as well — i.e. changing it will "log out" all current cookie-based sessions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)