Update documentation for require_valid_user
Fixes COUCHDB-3100
diff --git a/src/api/server/configuration.rst b/src/api/server/configuration.rst
index 92057e3..6655fc9 100644
--- a/src/api/server/configuration.rst
+++ b/src/api/server/configuration.rst
@@ -60,12 +60,6 @@
"compressible_types": "text/*, application/javascript, application/json, application/xml",
"compression_level": "8"
},
- "couch_httpd_auth": {
- "auth_cache_size": "50",
- "authentication_redirect": "/_utils/session.html",
- "require_valid_user": "false",
- "timeout": "600"
- },
"couchdb": {
"users_db_suffix": "_users",
"database_dir": "/var/lib/couchdb",
@@ -77,6 +71,14 @@
"util_driver_dir": "/usr/lib64/couchdb/erlang/lib/couch-1.5.0/priv/lib",
"view_index_dir": "/var/lib/couchdb"
},
+ "chttpd": {
+ "backlog": "512",
+ "bind_address": "0.0.0.0",
+ "docroot": "./share/www",
+ "port": "5984",
+ "require_valid_user": "false",
+ "socket_options": "[{recbuf, 262144}, {sndbuf, 262144}, {nodelay, true}]"
+ },
"daemons": {
"auth_cache": "{couch_auth_cache, start_link, []}",
"db_update_notifier": "{couch_db_update_notifier_sup, start_link, []}",
diff --git a/src/config/auth.rst b/src/config/auth.rst
index 50c8d74..eb5c7ba 100644
--- a/src/config/auth.rst
+++ b/src/config/auth.rst
@@ -107,6 +107,21 @@
Authentication Configuration
============================
+.. config:section:: chttpd :: Clustered Authentication Configuration
+
+ .. config:option:: require_valid_user :: Force user authentication
+
+ When this option is set to ``true``, no requests are allowed from
+ anonymous users. Everyone must be authenticated. ::
+
+ [chttpd]
+ require_valid_user = false
+
+ .. note::
+ This setting only affects the clustered-port (5984 by default).
+ To make the same change for the node-local port (5986 by default),
+ set the ``[couch_httpd_auth]`` setting of the same name.
+
.. config:section:: couch_httpd_auth :: Authentication Configuration
.. config:option:: allow_persistent_cookies :: Persistent cookies
@@ -133,6 +148,10 @@
[couch_httpd_auth]
authentication_redirect = /_utils/session.html
+ .. note::
+ This setting affects both the clustered-port (5984 by default)
+ and the node-local port (5986 by default).
+
.. config:option:: iterations :: PBKDF2 iterations count
.. versionadded:: 1.3
@@ -201,6 +220,11 @@
[couch_httpd_auth]
require_valid_user = false
+ .. warning::
+ This setting only affects the node-local port (5986 by default).
+ Most administrators want the ``[chttpd]`` setting of the same name
+ for clustered-port (5984) behaviour.
+
.. config:option:: secret :: Authentication secret token
The secret token is used for :ref:`api/auth/proxy` and for :ref:`api/auth/cookie`. ::
@@ -227,6 +251,10 @@
[couch_httpd_auth]
users_db_public = false
+ .. note::
+ This setting affects both the clustered-port (5984 by default)
+ and the node-local port (5986 by default).
+
.. config:option:: x_auth_roles :: Proxy Auth roles header
The HTTP header name (``X-Auth-CouchDB-Roles`` by default) that