Chapter 22. Security
We mentioned earlier that CouchDB is still in development and that features may have been added since the publication of this book. This is especially true for the security mechanisms in CouchDB. There is rudimentary support in the currently released versions (0.10.0), but as we’re writing these lines, additions are being discussed.
In this chapter, we’ll look at the basic security mechanisms in CouchDB: the Admin Party, Basic Authentication, Cookie Authentication, and OAuth.
The Admin Party
When you start out fresh, CouchDB allows any request to be made by anyone. Create a database? No problem, here you go. Delete some documents? Same deal. CouchDB calls this the Admin Party. Everybody has privileges to do anything. Neat.
While it is incredibly easy to get started with CouchDB that way, it should be obvious that putting a default installation into the wild is adventurous. Any rogue client could come along and delete a database.
A note of relief: by default, CouchDB will listen only on your
loopback network interface (127.0.0.1 or
localhost) and thus only you will be able to make
requests to CouchDB, nobody else. But when you start to open up your
CouchDB to the public (that is, by telling it to bind to your machine’s
public IP address), you will want to think about restricting access so
that the next bad guy doesn’t ruin your admin party.
In our previous discussions, w dropped some keywords about how things without the admin party work. First, there’s admin itself, ...