RavenDB IIS authentication/authorization

Question

I have a scenario that should be possible with RavenDB imho but I can't find any piece of information that could help me to implement this.

I've deployed the RavenDB as IIS application to my regular hosting. I have no dedicated server so this is almost all options I have. Another option is to create web application with embedded RavenDB which I think is more complicated and I want to keep things simple now. Having RavenDB as IIS application seems to be very handy.

I want some users to be able to log in into RavenDB application and edit documents. Other users (anonymous) can only read the data.

I found that there are 2 optional bundles in the app: Raven.Bundles.Authentication.dll Raven.Bundles.Authorization.dll Unfortunately the documentation on this bundles is not complete enough :(

Here is a description of what I'm aiming for: http://www.youtube.com/watch?v=bS4UMp12PZM&feature=player_detailpage#t=899s

So the questions are:

• How can I store user information in RavenDB and authenticate against this information?
• How can I grant edit rights on document collections for specific users?
• How can I grant all (admin) rights to some specific user?

Answer 1

Here is a few resource that you can follow:

Authentication options with RavenDB
http://www.youtube.com/watch?v=bS4UMp12PZM

Authorization Bundle
http://ravendb.net/docs/server/bundles/authorization
http://ravendb.net/docs/server/bundles/authorization-bundle-design

Edit
For simple cases, use application users instead of database users.
Store a User entities and authenticate the users against it. Each user should have a user type property which says what permissions that have. Than control what action a user can do in the application level, not in the database level.