[ https://issues.apache.org/jira/browse/COUCHDB-263?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jan Lehnardt closed COUCHDB-263. -------------------------------- Resolution: Fixed Fixed in r800938 as part of COUCHDB-420. > require valid user for all database operations > ---------------------------------------------- > > Key: COUCHDB-263 > URL: https://issues.apache.org/jira/browse/COUCHDB-263 > Project: CouchDB > Issue Type: Improvement > Components: HTTP Interface > Affects Versions: 0.9 > Environment: All platforms. > Reporter: Jack Moffitt > Priority: Blocker > Fix For: 0.10 > > Attachments: couchauth.diff > > > Admin accounts currently restrict a few operations, but leave all other > operations completely open. Many use cases will require all operations to be > authenticated. This can certainly be done by overriding the > default_authentication_handler, but I think this very common use case can be > handled in default_authentication_handler without increasing the complexity > much. > Attached is a patch which adds a new config option, "require_valid_user", > which restricts all operations to authenticated users only. Since CouchDB > currently only has admins, this means that all operations are restricted to > admins. In a future CouchDB where there are also normal users, the intention > is that this would let them pass through as well. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.