如何防止匿名用户阅读 couchdb?
How to prevent anonymous users reading couchdb?
我想用管理员账号通过curl远程管理couchdb,但是我发现匿名用户也可以读取一些信息,比如_all_dbs,这不是我想要的。似乎 couchdb 允许匿名用户使用 GET 和 HEAD 方法,那么我该如何防止呢?我想要的是只允许管理员。
我在local.ini中做了如下设置:
require_valid_user = true
WWW-Authenticate = Basic realm="administrator"
感谢和问候
假设您禁用了 Admin party 模式。尝试像这样设置两个有效的用户字段:
[couch_httpd_auth]
require_valid_user = true
[chttpd]
require_valid_user = true
根据docs,一个用于集群端口,另一个用于节点本地端口。
编辑:我忘记了会员资格。
您需要设置每个数据库Security object. And put some members in the members and admins fields. You can do this via Fauxton GUI by clicking on the "lock" icon next to each database. Or by doing PUT /db/_security with the appropriate json. From the docs(强调我的)。
If there are any member names or roles defined for a database, then only authenticated users having a matching name or role are allowed to read documents from the database.
我想用管理员账号通过curl远程管理couchdb,但是我发现匿名用户也可以读取一些信息,比如_all_dbs,这不是我想要的。似乎 couchdb 允许匿名用户使用 GET 和 HEAD 方法,那么我该如何防止呢?我想要的是只允许管理员。
我在local.ini中做了如下设置:
require_valid_user = true
WWW-Authenticate = Basic realm="administrator"
感谢和问候
假设您禁用了 Admin party 模式。尝试像这样设置两个有效的用户字段:
[couch_httpd_auth]
require_valid_user = true
[chttpd]
require_valid_user = true
根据docs,一个用于集群端口,另一个用于节点本地端口。
编辑:我忘记了会员资格。
您需要设置每个数据库Security object. And put some members in the members and admins fields. You can do this via Fauxton GUI by clicking on the "lock" icon next to each database. Or by doing PUT /db/_security with the appropriate json. From the docs(强调我的)。
If there are any member names or roles defined for a database, then only authenticated users having a matching name or role are allowed to read documents from the database.