You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@couchdb.apache.org by Apache Wiki <wi...@apache.org> on 2010/06/21 15:42:44 UTC

[Couchdb Wiki] Update of "Security_Features_Overview" by FilipeManana

Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Couchdb Wiki" for change notification.

The "Security_Features_Overview" page has been changed by FilipeManana.
http://wiki.apache.org/couchdb/Security_Features_Overview?action=diff&rev1=11&rev2=12

--------------------------------------------------

  
  If both the names and roles fields of either the admins or readers properties are empty arrays, it means the database has no admins or readers. Having no admins, any user has all the privileges associated to a database. Having no readers, any user can write regular documents (any non-design document) and read documents from the database.
  
+ '''Note:''' If there are any reader names or roles defined for a database, then only authenticated users having a matching name or role are allowed to read documents from the database (or do a GET /db_name/ call).
+ 
  Each user name mentioned in a database security object refers to a user that is defined in the authentication database. The default name of this database is ''_users'' but it is configurable in the .ini configuration files:
  
  {{{