> On Feb 26, 2019, at 7:12 PM, Michael Fair <mich...@daclubhouse.net> wrote:
>
> On Tue, Feb 26, 2019 at 3:38 PM Adam Kocoloski <kocol...@apache.org> wrote:
>
>> Mike,
>>
>> If I’m reading you correctly you’re concerned about cross-domain authentication. A good problem and worth discussing, but I think it’s cleanly decoupled from the per-doc access control work, which is focused on *authorization*.
>>
>
> I don't think I'm talking about the same cross domain authentication you are talking about. I think you are talking about a web page from Domain (B) attempting to access a Couch resource in domain (A) (cross site scripting access). That's not what I'm talking about.
>
> I'm talking about what ought to happen with the authorization control definitions when you have two Couch servers, one running in Domain (A) and one running in Domain (B) with different sets of system users, such that the authorized entities in the bidirectionally replicated database don't exist in both server instances (the two distinct domains share the same document database but have disparate sets of authenticated system users).
>
> In other words, the ("sam", "pete", and "joe") users on domain/machine A are not the same thing as the ("mary", "betty", and "sue") users on domain/machine B; yet the replicated database between the two machines has the same access control document authorization descriptors in both places.
Thanks Mike, I did understand you correctly the first time. I still maintain that’s in the realm of authentication, not authorization, and should be cleanly separable from the problem of implementing per-document access controls.

Cheers,
Adam
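The scenario in the thread above, as an added example that is not part of the original messages and not CouchDB's own code: two servers with disjoint user sets share a replicated database whose documents carry their own access descriptors. The model below separates the two steps Adam distinguishes, a server-local authentication lookup and a pure authorization function over the replicated document, so that the effect of disjoint user sets shows up where it actually lives. The `_access` field layout, the `users`/`roles` keys, the user names, the role name "editor" and the `replicate()` helper are all constructed assumptions for this illustration, not the format or behaviour of the per-document access control work being discussed.

```python
"""Constructed model: per-document authorization over a database that is
bidirectionally replicated between two servers with disjoint user sets.

Assumptions (not CouchDB's actual design): documents carry an `_access`
dict with optional `users` and `roles` lists; each server holds its own
user -> roles table; replication copies documents verbatim.
"""
from dataclasses import dataclass, field


@dataclass
class Server:
    name: str
    users: dict                          # username -> set of roles, local to this server
    docs: dict = field(default_factory=dict)

    def authenticate(self, username):
        """Authentication step: is this principal known to *this* server?

        Returns the principal's server-local roles, or None if the user
        does not exist here at all.
        """
        return self.users.get(username)


def authorized(doc, username, roles):
    """Authorization step: a pure function of the replicated document's ACL
    and an already-authenticated principal. Same code on every server,
    because the ACL travels with the document."""
    acl = doc.get("_access", {})
    if username in acl.get("users", []):
        return True
    return bool(set(acl.get("roles", [])) & set(roles))


def replicate(src, dst):
    """Bidirectional replication: copy documents, ACL included, both ways."""
    for doc_id, doc in src.docs.items():
        dst.docs.setdefault(doc_id, dict(doc))
    for doc_id, doc in dst.docs.items():
        src.docs.setdefault(doc_id, dict(doc))


def check(server, doc_id, username):
    """Request path: authenticate first, then authorize.

    Returns 'unknown-user' (fails at authentication), 'denied' or 'allowed'.
    """
    roles = server.authenticate(username)
    if roles is None:
        return "unknown-user"
    return "allowed" if authorized(server.docs[doc_id], username, roles) else "denied"


def scenario():
    """Two servers with the user sets from the thread; 'editor' role and the
    role assignments are constructed for the example."""
    a = Server("A", {"sam": set(), "pete": {"editor"}, "joe": set()})
    b = Server("B", {"mary": {"editor"}, "betty": set(), "sue": set()})

    # Authored on A: one ACL naming a user, one naming a role.
    a.docs["report"] = {"_id": "report", "_access": {"users": ["sam"]}}
    a.docs["draft"] = {"_id": "draft", "_access": {"roles": ["editor"]}}
    replicate(a, b)

    return {
        "acl_identical": all(a.docs[d]["_access"] == b.docs[d]["_access"] for d in a.docs),
        ("A", "report", "sam"): check(a, "report", "sam"),
        ("A", "report", "joe"): check(a, "report", "joe"),
        ("B", "report", "sam"): check(b, "report", "sam"),    # sam is not a user on B
        ("B", "report", "mary"): check(b, "report", "mary"),  # ACL names nobody B knows
        ("A", "draft", "pete"): check(a, "draft", "pete"),
        ("B", "draft", "mary"): check(b, "draft", "mary"),
        ("B", "draft", "betty"): check(b, "draft", "betty"),
    }


if __name__ == "__main__":
    for key, outcome in scenario().items():
        print(key, outcome)
```

Both servers hold byte-identical `_access` descriptors and run the same `authorized()` function; every difference in outcome comes from `Server.users`, the per-server authentication data. A user-name ACL written on A names principals B cannot authenticate, so on B it grants nothing; a role-name ACL is decided by which local users each server has mapped to that role. Which of those two outcomes is wanted is exactly the question the thread leaves to the authentication side.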