On Sep 6, 2010, at 17:24 , J Chris Anderson wrote: > Also it is worth noting that CouchDB has a builtin authentication system that > gets this right, and you might just be able to piggyback on it, depending on > your application: > > http://blog.couch.io/post/1027100082/whats-new-in-couchdb-1-0-part-4-securityn-stuff
So the security model is: - Admins can do everything on all local databases - Readers can read the entire database - Writes can have any model you like with validation functions So if you want to segment your database readers you have to segment your databases. Furthermore, if you would like to use LDAP authentication, you'd have to use an LDAP-to-OAuth server. Correct? Wout.
