Posted to user@couchdb.apache.org by Matthias Nothhaft <ma...@googlemail.com> on 2009/11/14 16:26:21 UTC

how to setup authentication?

Hi,

I'm trying to configure/setup CouchDB 0.10 on Ubuntu so that I can
restrict access per database to different users. It would be enough to
have one user per database.

Are there any docs/information how to do this? Any more detailed
information than those from "the book"?

I wasn't able to find enough information about setting up this kind of
access restriction. :-(

I'm also interested in how to use the OAuth support.

Any help is very appreciated.

regards,
Matthias

Re: how to setup authentication?

Posted by Fabio Forno <fa...@gmail.com>.
On Mon, Nov 16, 2009 at 7:14 AM, Chris Anderson <jc...@apache.org> wrote:
>
> The easiest way right now is to use a proxy like Apache httpd with
> rewrite configuration.
>
> One place to look is the Ubuntu One source code:
>
> https://code.launchpad.net/~sil/desktopcouch/plaintext-auth-for-u1
>
> There's also some stuff on the wiki:
>
> http://wiki.apache.org/couchdb/Authentication_and_Authorization

Indeed I was about to ask the same things, though I'm more interested
in authenticating applications than humans. For that purpose so far we
have granted access without authentication via a vpn connecting only
trusted machines, which is the laziest and most effective setup, since
it seems to me that all other authentication/authorization methods are
too heavy for applications:
- if it's plain text we can't afford to set up https for any request
- cookie based doesn't protect from replay attacks or stolen cookies,
for what I've seen, and https is again needed
- about OAuth, I'm still trying to understand how it's used in
CouchDB, it may be the solution but I've no idea how to set it up and
if any request is signed differently or it's just like a cookie
granting access, so we must again use https.

In an ideal world I think that for applications the best solution is
giving the client the ability to:
- sign each request with a shared secret (perhaps session based in
order not to make it live long), if you care just about authorization
- encrypt the whole request (query string & post data) and response if
we need also confidentiality

bye

-- 
Fabio Forno,
Ooros srl
jabber id: ff@jabber.bluendo.com
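
Added example, not part of the original thread and not CouchDB's own mechanism: a Python sketch of the per-request signing with a shared secret suggested in the message above, with a timestamp and nonce so a captured request cannot be replayed. The header names, the canonical string layout and the 300-second window are assumptions; it covers integrity and replay rejection only, not confidentiality.

```python
import hashlib
import hmac
import secrets
import time

MAX_SKEW = 300  # assumed freshness window in seconds

def canonical(method, path, query, body, ts, nonce):
    """Byte string both sides sign; HTTP fields cannot contain raw newlines."""
    body_hash = hashlib.sha256(body).hexdigest()
    return "\n".join([method.upper(), path, query, body_hash, str(ts), nonce]).encode()

def _mac(key, *fields):
    return hmac.new(key, canonical(*fields), hashlib.sha256).hexdigest()

def sign_request(key, method, path, query, body, now=None):
    """Client side: headers (hypothetical names) to attach to one request."""
    ts = int(time.time() if now is None else now)
    nonce = secrets.token_hex(16)
    return {"X-Auth-Timestamp": str(ts), "X-Auth-Nonce": nonce,
            "X-Auth-Signature": _mac(key, method, path, query, body, ts, nonce)}

class Verifier:
    """Server or proxy side: checks signature, freshness and nonce reuse."""
    def __init__(self, key):
        self.key = key
        self.seen = {}  # nonce -> timestamp, kept only for the window

    def verify(self, method, path, query, body, headers, now=None):
        now = int(time.time() if now is None else now)
        try:
            ts = int(headers["X-Auth-Timestamp"])
            nonce = headers["X-Auth-Nonce"]
            sig = headers["X-Auth-Signature"]
        except (KeyError, ValueError):
            return False
        if abs(now - ts) > MAX_SKEW:
            return False  # stale or future-dated: outside the accepted window
        expected = _mac(self.key, method, path, query, body, ts, nonce)
        if not hmac.compare_digest(expected.encode(), sig.encode()):
            return False  # wrong key, or method/path/query/body was altered
        # Drop nonces older than the window, then reject any reuse.
        self.seen = {n: t for n, t in self.seen.items() if now - t <= MAX_SKEW}
        if nonce in self.seen:
            return False
        self.seen[nonce] = ts
        return True
```

The nonce is recorded only after the signature checks out, so unauthenticated traffic cannot fill the replay cache.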

Re: how to setup authentication?

Posted by Chris Anderson <jc...@apache.org>.
On Sat, Nov 14, 2009 at 7:26 AM, Matthias Nothhaft
<ma...@googlemail.com> wrote:
> Hi,
>
> I'm trying to configure/setup CouchDB 0.10 on Ubuntu so that I can
> restrict access per database to different users. It would be enough to
> have one user per database.
>
> Are there any docs/information how to do this? Any more detailed
> information than those from "the book"?
>
> I wasn't able to find enough information about setting up this kind of
> access restriction. :-(
>
> I'm also interested in how to use the OAuth support.
>

Matthias,

The easiest way right now is to use a proxy like Apache httpd with
rewrite configuration.

One place to look is the Ubuntu One source code:

https://code.launchpad.net/~sil/desktopcouch/plaintext-auth-for-u1

There's also some stuff on the wiki:

http://wiki.apache.org/couchdb/Authentication_and_Authorization


> Any help is very appreciated.
>
> regards,
> Matthias
>



-- 
Chris Anderson
http://jchrisa.net
http://couch.io