Posted to notifications@couchdb.apache.org by GitBox <gi...@apache.org> on 2020/03/31 15:55:49 UTC

[GitHub] [couchdb-documentation] dholth opened a new issue #513: Update _users security documentation to account for _security changes, "mandatory" fields

URL: https://github.com/apache/couchdb-documentation/issues/513
 
 
   The _users documentation at https://docs.couchdb.org/en/stable/intro/security.html?highlight=org%20couchdb%20users#authentication-database is out of date.
   
   "Users may only access (GET /_users/org.couchdb.user:Jan) or modify (PUT /_users/org.couchdb.user:Jan) documents that they own"
   
   Technically true but the default 3.0 _security setting means users may not access or modify their own documents. Documentation should mention the _security and config settings to make this true.
   
   (in my application the ideal would be read-only access to your own _user object)
   
   "Each CouchDB user is stored in document format. These documents contain several mandatory fields, that CouchDB needs for authentication:"
   
   AFAICT some of these fields are not mandatory. derived_key, password_sha, password_scheme, salt are not needed when using proxy authentication. Can roles be missing too?
   
   References apache/couchdb#2730 apache/couchdb#2734

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services

[GitHub] [couchdb-documentation] dholth commented on issue #513: Update _users security documentation to account for _security changes, "mandatory" fields

Posted by GitBox <gi...@apache.org>.
URL: https://github.com/apache/couchdb-documentation/issues/513#issuecomment-606736507
 
 
   In my testing an empty members array is enough to restore the 2.0 behavior. `{'members': {'roles': []}, 'admins': {'roles': ['_admin']}}`


[GitHub] [couchdb-documentation] dholth commented on issue #513: Update _users security documentation to account for _security changes, "mandatory" fields

Posted by GitBox <gi...@apache.org>.
URL: https://github.com/apache/couchdb-documentation/issues/513#issuecomment-607210148
 
 
   It belongs in the couchdb section. This ini was wrong in the first release.
   
   On Tue, Mar 31, 2020, at 3:26 PM, cliff wrote:
   > try setting this in local.ini, restart server, then fauxton as admin and clear the security for _users
   >
   > [purge]
   > users_db_security_editable = true
   
   


[GitHub] [couchdb-documentation] hawkrdg commented on issue #513: Update _users security documentation to account for _security changes, "mandatory" fields

Posted by GitBox <gi...@apache.org>.
URL: https://github.com/apache/couchdb-documentation/issues/513#issuecomment-606826061
 
 
   try setting this in local.ini, restart server, then fauxton as admin and clear the security for _users
   
   [purge]
   users_db_security_editable = true
