Is it possible to disable listing of all keys in a bucket?

Eamonn O'Brien-Strain eob at hp.com
Sat May 28 20:56:32 EDT 2011


On 05/28/2011 05:40 PM, Jonathan Langevin wrote:
>
> Put a proxy in front, block that request url.
>

Thanks Jonathan.  Yep, that would work, but it adds another otherwise 
unnecessary component to my deployment, which I would like to keep as 
simple as possible.  That is why I was hoping there would be some easy 
change that I could make to the app.config file.

__
Eamonn


> - Jon Langevin -- sent from my Android phone
>
> On May 28, 2011 8:26 PM, "Eamonn O'Brien-Strain" <eob at hp.com 
> <mailto:eob at hp.com>> wrote:
> > Is it possible to configure Riak so that it is impossible to use the
> > REST API to list all the keys in a bucket?
> >
> > I would like to use a "capability security" approach where all the keys
> > are unguessable random strings, such that possession of a key gives a
> > client authorization to fetch the data for that key, and a client who
> > does not have the key cannot fetch the data.
> >
> > However, the ability to list all the keys in a bucket defeats that
> > security model.
> >
> > Thanks,
> > __
> > Eamonn O'Brien-Strain
> > HP Labs
> >
> > _______________________________________________
> > riak-users mailing list
> > riak-users at lists.basho.com <mailto:riak-users at lists.basho.com>
> > http://lists.basho.com/mailman/listinfo/riak-users_lists.basho.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.basho.com/pipermail/riak-users_lists.basho.com/attachments/20110528/1b6df9a7/attachment.html>


More information about the riak-users mailing list