In Files
Parent
Object
Object
This version of the Couch::Server class is modified for additional authentication methods.
It supports the following authentication methods with or without SSL connection;
Basic Authentication
Digest Authentication (net-http-digest_auth library is required)
SSL Client Authentication (It is not supported by the CouchDB server)
CouchDB Proxy Authentication
Other, Get()/put()/post()/delete(), methods are same as original methods.
![[+]](../images/find.png "show/hide quicksearch"){kind=small}
opts = {}
server = Couch::Server.new("localhost", "5984", opts)
The +opts[“cacert”]+ enables the SSL connection.
opts["cacert"] = "/path/to/cacert.pem"
server = Couch::Server.new("couchdb.example.org", "443", opts)
The server hostname must be matched with the Common Name of the server certificate.
opts = {}
opts["user"] = "username"
opts["password"] = "xxxxxx"
server = Couch::Server.new("localhost", "5984", opts)
opts = {}
opts["user"] = "username"
opts["password"] = "xxxxxx"
opts["digest_auth"] = ""
server = Couch::Server.new("localhost", "80", opts)
The digest authentication is turned on when the “digest_auth“ key is defined.
opts['user'] = "username"
opts['password'] = "xxxxxx"
opts['cacert'] = "/path/to/cacert.pem"
opts['ssl_client_cert'] = OpenSSL::X509::Certificate.new(File.new("/path/to/cert.pem"))
opts['ssl_client_key'] = OpenSSL::PKey::RSA.new(File.new("/path/to/key.pem"))
server = Couch::Server.new("couchdb.example.org", "6984", opts)
The ssl_verify_depth and ssl_verify_mode are optional. The default values are followings;
opts["ssl_verify_mode"] = OpenSSL::SSL::VERIFY_PEER opts["ssl_verify_depth"] = 5
opts["proxy_auth_user"] = "user01"
opts["proxy_auth_roles"] = "dbadmin"
opts["proxy_auth_token"] = "d4c3b0fd10bed9642fb5bbfcc0203ca27c707300"
server = Couch::Server.new("localhost", "80", opts)
The original “Couch” module is describe at the couchdb wiki;
http://wiki.apache.org/couchdb/Getting_started_with_Ruby
Please refer the original file, couchdb.rb.orig, in the same directory.
The modified code is licensed by the following term;
Copyright (C) 2010,2011 Yasuhiro ABE <yasu@yasundial.org>
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
# File couchdb.rb, line 105
105: def initialize(host, port, options = nil)
106: @host = host
107: @port = port
108: @options = options
109: @options = Hash.new if options.nil? or not options.kind_of?(Hash)
110: @www_auth = nil
111: @auth = nil
112: if options.has_key?('digest_auth')
113: require 'net/http/digest_auth'
114: @digest_auth = Net::HTTP::DigestAuth.new
115: end
116: end
# File couchdb.rb, line 118
118: def delete(uri)
119: setup_digest_auth(uri,'DELETE')
120: request(Net::HTTP::Delete.new(uri))
121: end
# File couchdb.rb, line 123
123: def get(uri)
124: setup_digest_auth(uri,'GET')
125: request(Net::HTTP::Get.new(uri))
126: end
# File couchdb.rb, line 128
128: def head(uri)
129: setup_digest_auth(uri,'HEAD')
130: request(Net::HTTP::Head.new(uri))
131: end
# File couchdb.rb, line 141
141: def post(uri, json)
142: setup_digest_auth(uri,'POST')
143: req = Net::HTTP::Post.new(uri)
144: req["content-type"] = "application/json"
145: req.body = json
146: request(req)
147: end
# File couchdb.rb, line 133
133: def put(uri, json)
134: setup_digest_auth(uri,'PUT')
135: req = Net::HTTP::Put.new(uri)
136: req["content-type"] = "application/json"
137: req.body = json
138: request(req)
139: end
# File couchdb.rb, line 149
149: def request(req)
150: req.basic_auth @options['user'], @options['password'] if @options.has_key?('user') and
151: @options.has_key?('password') and
152: not @options.has_key?('digest_auth')
153: req["X-Auth-CouchDB-UserName"] = @options['proxy_auth_user'] if @options.has_key?('proxy_auth_user')
154: req["X-Auth-CouchDB-Roles"] = @options['proxy_auth_roles'] if @options.has_key?('proxy_auth_roles')
155: req["X-Auth-CouchDB-Token"] = @options['proxy_auth_token'] if @options.has_key?('proxy_auth_token')
156:
157: client = Net::HTTP.new(@host, @port)
158: check_ssl(client)
159:
160: client.set_debug_output $stderr if @options.has_key?('debug') and @options['debug']
161:
162: if @options.has_key?('digest_auth')
163: req["Authorization"] = @auth
164: end
165:
166: res = client.start { |http| http.request(req) }
167: @www_auth = nil if res.kind_of?(Net::HTTPUnauthorized) and @options.has_key?('digest_auth')
168: res
169: end
# File couchdb.rb, line 173
173: def check_ssl(client)
174: if @options.has_key?('cacert')
175: client.use_ssl = true
176: client.ca_file = @options['cacert']
177: client.verify_mode = OpenSSL::SSL::VERIFY_PEER
178: client.verify_mode = @options['ssl_verify_mode'] if @options.has_key?('ssl_verify_mode')
179: client.verify_depth = 5
180: client.verify_depth = @options['ssl_verify_depth'] if @options.has_key?('ssl_verify_depth')
181: client.cert = @options['ssl_client_cert'] if @options.has_key?('ssl_client_cert')
182: client.key = @options['ssl_client_key'] if @options.has_key?('ssl_client_key')
183: end
184: end
# File couchdb.rb, line 186
186: def setup_digest_auth(uri, method)
187: return if not @options.has_key?('digest_auth')
188: if @www_auth == nil
189: req = Net::HTTP::Get.new(uri)
190: client = Net::HTTP.new(@host, @port)
191: check_ssl(client)
192: res = client.start { |http| http.request(req) }
193: ## res must be the instance of Net::HTTPUnauthorized
194: raise res if not res.kind_of?(Net::HTTPUnauthorized)
195: @www_auth = res['www-authenticate']
196: end
197: url = TinyURI.new(@options['user'], @options['password'], uri)
198: @auth = @digest_auth.auth_header(url, @www_auth, method)
199: end
Disabled; run with --debug to generate this.
Generated with the Darkfish Rdoc Generator 1.1.6.