CouchDB and PHP Web Development Beginner’s Guide

Time for action — checking to make sure the database is secure

Your _users database should be secure, so that only admins can read or alter the structure of the database. Let's quickly test this:

  1. Open Terminal.
  2. Try to read the user document again by running the following command. Again, replace your_username with the username of the service admin that you just created:
    curl localhost:5984/_users/org.couchdb.user:your_username 
    
  3. Terminal will respond with the following:
    {"error":"unauthorized","reason":"You are not authorized to access this db."} 
    

What just happened?

With the CouchDB instance out of Admin Party mode, the authentication module stepped in to make sure that anonymous users couldn't read the database.

Note

We'll add more security to the databases down the road, but this is one of the simplest ways to add security to a database.

If you were to play around with the command line again, you would be restricted from doing anything with the _users database, but you would also notice that the test-db database is operating just as it was before. Perfect! That's exactly what we wanted. You might be asking, "How do I access the _users database through the command line, now that security is enabled?" You have to show that you are an admin by passing your credentials to the RESTful JSON API.
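The check above can be scripted so that it also confirms the admin can still read the document. This is an added example, not code from the book. The function names and the `COUCH_PASS` environment variable are hypothetical, and it assumes the refusal arrives with HTTP status 401 and that CouchDB returns compact JSON.

```shell
#!/bin/sh
# Added example (not from the book): verify that _users refuses anonymous reads.

# classify_reply STATUS BODY -> prints refused | served | unknown
classify_reply() {
    case "$1" in
        401)
            # The refusal shown in step 3 for an anonymous read of _users.
            case "$2" in
                *'"error":"unauthorized"'*) echo refused ;;
                *) echo unknown ;;
            esac ;;
        200)
            # A user document carries its own id (assumes compact JSON output).
            case "$2" in
                *'"_id":"org.couchdb.user:'*) echo served ;;
                *) echo unknown ;;
            esac ;;
        *) echo unknown ;;
    esac
}

# probe URL [extra curl options] -> classify the live reply
probe() {
    url=$1; shift
    reply=$(curl -s -w '\n%{http_code}' "$@" "$url") || { echo unreachable; return 0; }
    status=$(printf '%s\n' "$reply" | tail -n 1)   # last line is the status code
    body=$(printf '%s\n' "$reply" | sed '$d')      # everything before it is the body
    classify_reply "$status" "$body"
}

# users_db_verdict ANON_RESULT ADMIN_RESULT -> secure | exposed | inconclusive
users_db_verdict() {
    case "$1/$2" in
        refused/served) echo secure ;;        # anonymous blocked, admin allowed
        served/*)       echo exposed ;;       # anonymous read succeeded
        *)              echo inconclusive ;;  # unexpected reply, inspect by hand
    esac
}

# check_users_db BASE_URL USERNAME (admin password read from $COUCH_PASS)
check_users_db() {
    doc_url="$1/_users/org.couchdb.user:$2"
    anon=$(probe "$doc_url")
    admin=$(probe "$doc_url" -u "$2:$COUCH_PASS")
    users_db_verdict "$anon" "$admin"
}

# Usage: COUCH_PASS=... check_users_db http://localhost:5984 your_username
```

A result of `exposed` means the anonymous request returned the user document, so the instance is still answering as it did in Admin Party mode.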