force desktopcouch auth on
Bug #427446 reported by
Chad Miller
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| desktopcouch |
Fix Released
|
Critical
|
Chad Miller | ||
Bug Description
No one should be able to connect to couchdb without being authorized. In addition to admin account for Futon, we must protect direct access to couchdb using oauth.
The records interface must speak oauth correctly, and the replicating servers must each know the oauth tokens of the remote end.
The INI file we use for desktop couch must force auth to be enabled. We think this should be in a system INI file for desktopcouch that we read when starting up couchdb.
Related branches
lp:~sil/desktopcouch/load-many-ini-files
- Chad Miller (community): Approve
- dobey (community): Approve
- Diff: None lines
Revision history for this message
| Chad Miller (cmiller) wrote | #1 |
| tags: | added: ubuntuone-karmic |
Revision history for this message
| Stuart Langridge (sil) wrote | #2 |
| Changed in desktopcouch: | |
| assignee: | Stuart Langridge (sil) → Chad Miller (cmiller) |
Revision history for this message
| Chad Miller (cmiller) wrote | #3 |
| Changed in desktopcouch: | |
| status: | Confirmed → Fix Released |
To post a comment you must log in.
This may just be a matter of making a new file at
/etc/
and packing it with the setting, and making the couchdb launcher in d-c load it.