Only other admins can see admin's credentials in relocation docs. Regular users can only see their own replication docs.
Cheers Jan — > On 29. Jul 2019, at 15:11, Dilushan Delgoda <[email protected]> wrote: > > Hi. > > Thank you very much for your reply. > > I'm trying to replicate a database by putting a document to _replicator. > And when i set source and target "http://admin:password@localhost:5984/db"; > like this replication happening without any issue. But when i try without > putting username and password "http://localhost:5984/db"; replication not > happening. Is there workaround to solve this? I don't want to put password > in replication doc. And source, target and _replicator in same couchdb > instance. > > This is because even a db user with view access can then log in and see the > admin password which would compromise security. > > Best regards > > On Mon, Jul 29, 2019 at 3:19 PM Matteo Guadrini <[email protected]> > wrote: > >> I don't think we can do ... because, network traffic at a much lower level >> than the application. >> The CouchDB server (frontend) sees GET / PUT / POST coming from a certain >> ip. At this point, he asks the database specified in the url for the >> request and the server itself will verify the security. >> But there is no TCP / IP control at this level. Rather, you could make two >> servers, the first one responding only to localhost in AdminParty and the >> second with the user and password and in bind on a private / public ip. The >> second will receive the db in reply from the first. >> It could be an idea... >> >> Matteo Guadrini >> >> ________________________________ >> Da: Dilushan Delgoda <[email protected]> >> Inviato: lunedì 29 luglio 2019 10:29 >> A: [email protected] <[email protected]> >> Oggetto: Bind to localhost without require valid user >> >> Is it possible to bind Couchdb to localhost without require valid user and >> all other interfaces with require valid user setting. So when application >> access through localhost that applications doesn't require username >> password to Couchdb and applications access from external interfaces >> require username password. >> >> -- >> Regards, >> Dilushan Delgoda >> > > > -- > Regards, > Dilushan Delgoda
