Reputation: 546
how to make couch db authentication work
I am having CouchDB installed in a developer environment and exposed the port to public. I have also added admin party. So if I go to http://ip:5984/_utils its asking for username and password which is expected. However, if I make the direct request with my db name for example http://ip:5984/{dbname} then its returning json value and also I am able to access this data also via same get request. Am I doing anything wrong here?
Upvotes: 1
Views: 1111
Answers (2)
Reputation: 79744
It sounds like you need to set up the database's security document to control which users have what access. Be sure to read the entire document on security so you have a complete understanding of CouchDB's security model, and how to configure it.
Upvotes: 1
Reputation: 3690
Correct me if I'm wrong but you probably meant that you Removed the admin party?
If so, removing admin party only disable annonymous users from doing admin operations. They can still access database.
If you want to restrict access only to authenticated users, you MUST set this configuration value:
[couch_httpd_auth]
require_valid_user = true
Otherwise, you can set per database permissions (see Database Security)
Upvotes: 0
Related Questions
- CouchDB read authorization
- CouchDB: How to set/get user's password hash?
- Couchbase lite - user access control
- Externally available CouchDB security
- how to connect to couchdb database using couchdb4j api with username and password?
- CouchDB _session authentication is failing
- Couchdb Authentication / Authorisation
- CouchApps and user authentication
- couchdb read authentication
- How do I authenticate with couchdb using couchbeam?