You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@couchdb.apache.org by "Benoit Chesneau (JIRA)" <ji...@apache.org> on 2010/02/02 15:54:18 UTC

[jira] Created: (COUCHDB-636) proxy authentification handler

proxy authentification handler
------------------------------

                 Key: COUCHDB-636
                 URL: https://issues.apache.org/jira/browse/COUCHDB-636
             Project: CouchDB
          Issue Type: Improvement
    Affects Versions: 0.11, 0.12
            Reporter: Benoit Chesneau


Find attached a patch that add a proxy authentification handler to couch_httpd_auth. 

This handler allows creation of a userCtx objec from a user authenticated remotly. The client just pass specific headers to CouchDB and the handler create the userCtx. Headers  name can be defined in local.ini. By thefault they are :

* X-Auth-CouchDB-UserName : username, (x_auth_username in couch_httpd_auth section)
* X-Auth-CouchDB-Roles :  user roles, list of roles separated by a comma (x_auth_roles in couch_httpd_auth section)
* X-Auth-CouchDB-Token : token to authenticate the authorization (x_auth_token in couch_httpd_auth section). This token is an hmac-sha1 created from secret key and username. The secret key should be the same in the client and couchdb node. secret key is the secret key in couch_httpd_auth section of ini. This token is optional if secret key isn't defined.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Updated: (COUCHDB-636) proxy authentification handler

Posted by "Benoit Chesneau (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/COUCHDB-636?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Benoit Chesneau updated COUCHDB-636:
------------------------------------

    Attachment: proxyauth.diff

> proxy authentification handler
> ------------------------------
>
>                 Key: COUCHDB-636
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-636
>             Project: CouchDB
>          Issue Type: Improvement
>    Affects Versions: 0.11, 0.12
>            Reporter: Benoit Chesneau
>         Attachments: proxyauth.diff
>
>
> Find attached a patch that add a proxy authentification handler to couch_httpd_auth. 
> This handler allows creation of a userCtx objec from a user authenticated remotly. The client just pass specific headers to CouchDB and the handler create the userCtx. Headers  name can be defined in local.ini. By thefault they are :
> * X-Auth-CouchDB-UserName : username, (x_auth_username in couch_httpd_auth section)
> * X-Auth-CouchDB-Roles :  user roles, list of roles separated by a comma (x_auth_roles in couch_httpd_auth section)
> * X-Auth-CouchDB-Token : token to authenticate the authorization (x_auth_token in couch_httpd_auth section). This token is an hmac-sha1 created from secret key and username. The secret key should be the same in the client and couchdb node. secret key is the secret key in couch_httpd_auth section of ini. This token is optional if secret key isn't defined.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Closed: (COUCHDB-636) proxy authentification handler

Posted by "Benoit Chesneau (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/COUCHDB-636?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Benoit Chesneau closed COUCHDB-636.
-----------------------------------

       Resolution: Fixed
    Fix Version/s: 0.12
                   0.11

commited in trunk.

> proxy authentification handler
> ------------------------------
>
>                 Key: COUCHDB-636
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-636
>             Project: CouchDB
>          Issue Type: Improvement
>    Affects Versions: 0.11, 0.12
>            Reporter: Benoit Chesneau
>             Fix For: 0.11, 0.12
>
>         Attachments: proxyauth.diff, proxyauth2.patch
>
>
> Find attached a patch that add a proxy authentification handler to couch_httpd_auth. 
> This handler allows creation of a userCtx objec from a user authenticated remotly. The client just pass specific headers to CouchDB and the handler create the userCtx. Headers  name can be defined in local.ini. By thefault they are :
> * X-Auth-CouchDB-UserName : username, (x_auth_username in couch_httpd_auth section)
> * X-Auth-CouchDB-Roles :  user roles, list of roles separated by a comma (x_auth_roles in couch_httpd_auth section)
> * X-Auth-CouchDB-Token : token to authenticate the authorization (x_auth_token in couch_httpd_auth section). This token is an hmac-sha1 created from secret key and username. The secret key should be the same in the client and couchdb node. secret key is the secret key in couch_httpd_auth section of ini. This token is optional if secret key isn't defined.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Updated: (COUCHDB-636) proxy authentification handler

Posted by "Benoit Chesneau (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/COUCHDB-636?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Benoit Chesneau updated COUCHDB-636:
------------------------------------

    Attachment: proxyauth2.patch

new patch that makes secret key use optional. 

If value of proxy_use_secret key in couch_httpd_auth section of ini isn't true the secret key isn't use.

> proxy authentification handler
> ------------------------------
>
>                 Key: COUCHDB-636
>                 URL: https://issues.apache.org/jira/browse/COUCHDB-636
>             Project: CouchDB
>          Issue Type: Improvement
>    Affects Versions: 0.11, 0.12
>            Reporter: Benoit Chesneau
>         Attachments: proxyauth.diff, proxyauth2.patch
>
>
> Find attached a patch that add a proxy authentification handler to couch_httpd_auth. 
> This handler allows creation of a userCtx objec from a user authenticated remotly. The client just pass specific headers to CouchDB and the handler create the userCtx. Headers  name can be defined in local.ini. By thefault they are :
> * X-Auth-CouchDB-UserName : username, (x_auth_username in couch_httpd_auth section)
> * X-Auth-CouchDB-Roles :  user roles, list of roles separated by a comma (x_auth_roles in couch_httpd_auth section)
> * X-Auth-CouchDB-Token : token to authenticate the authorization (x_auth_token in couch_httpd_auth section). This token is an hmac-sha1 created from secret key and username. The secret key should be the same in the client and couchdb node. secret key is the secret key in couch_httpd_auth section of ini. This token is optional if secret key isn't defined.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.