1 files changed, 15 insertions, 31 deletions
diff --git a/rel/overlay/etc/default.ini b/rel/overlay/etc/default.ini
index 8b47cb04a..084a16ec2 100644
--- a/rel/overlay/etc/default.ini
+++ b/rel/overlay/etc/default.ini
@@ -8,7 +8,7 @@ database_dir = {{data_dir}}
 view_index_dir = {{view_index_dir}}
 ; util_driver_dir =
 ; plugin_dir =
-os_process_timeout = 5000 ; 5 seconds. for view and external servers.
+os_process_timeout = 5000 ; 5 seconds. for view servers.
 max_dbs_open = 500
 delayed_commits = false
 ; Method used to compress everything that is appended to database and view index files, except
@@ -93,6 +93,14 @@ prefer_minimal = Cache-Control, Content-Length, Content-Range, Content-Type, ETa
 ; _dbs_info in a request
 max_db_number_for_dbs_info_req = 100
 
+; authentication handlers
+; authentication_handlers = {chttpd_auth, cookie_authentication_handler}, {chttpd_auth, default_authentication_handler}
+; uncomment the next line to enable proxy authentication
+; authentication_handlers = {chttpd_auth, proxy_authentication_handler}, {chttpd_auth, cookie_authentication_handler}, {chttpd_auth, default_authentication_handler}
+
+; prevent non-admins from accessing /_all_dbs
+;admin_only_all_dbs = false
+
 [database_compaction]
 ; larger buffer sizes can originate smaller files
 doc_buffer_size = 524288 ; value in bytes
@@ -144,7 +152,7 @@ enable_xframe_options = false
 ; x_forwarded_proto = X-Forwarded-Proto
 ; x_forwarded_ssl = X-Forwarded-Ssl
 ; Maximum allowed http request size. Applies to both clustered and local port.
-max_http_request_size = 67108864 ; 64 MB
+max_http_request_size = 4294967296 ; 4GB
 
 ; [httpd_design_handlers]
 ; _view = 
@@ -198,8 +206,7 @@ require_valid_user = false
 timeout = 600 ; number of seconds before automatic logout
 auth_cache_size = 50 ; size is number of cache entries
 allow_persistent_cookies = false ; set to true to allow persistent cookies
-iterations = 10 ; iterations for PBKDF2 password hashing
-log_rounds = 10 ; 2^log_rounds iterations for Bcrypt password hashing
+iterations = 10 ; iterations for password hashing
 ; min_iterations = 1
 ; max_iterations = 1000000000
 ; password_scheme = pbkdf2
@@ -277,7 +284,6 @@ os_process_limit = 100
 
 [daemons]
 index_server={couch_index_server, start_link, []}
-external_manager={couch_external_manager, start_link, []}
 query_servers={couch_proc_manager, start_link, []}
 vhosts={couch_httpd_vhost, start_link, []}
 httpd={couch_httpd, start_link, []}
@@ -322,12 +328,6 @@ _design = {couch_httpd_db, handle_design_req}
 _temp_view = {couch_mrview_http, handle_temp_view_req}
 _view_cleanup = {couch_mrview_http, handle_cleanup_req}
 
-; The external module takes an optional argument allowing you to narrow it to a
-; single script. Otherwise the script name is inferred from the first path section
-; after _external's own path.
-; _mypath = {couch_httpd_external, handle_external_req, <<"mykey">>}
-; _external = {couch_httpd_external, handle_external_req}
-
 [httpd_design_handlers]
 _compact = {couch_mrview_http, handle_compact_req}
 _info = {couch_mrview_http, handle_info_req}
@@ -338,21 +338,6 @@ _update = {couch_mrview_show, handle_doc_update_req}
 _view = {couch_mrview_http, handle_view_req}
 _view_changes = {couch_mrview_http, handle_view_changes_req}
 
-; enable external as an httpd handler, then link it with commands here.
-; note, this api is still under consideration.
-; [external]
-; mykey = /path/to/mycommand
-
-; Here you can setup commands for CouchDB to manage
-; while it is alive. It will attempt to keep each command
-; alive if it exits.
-; [os_daemons]
-; some_daemon_name = /path/to/script -with args
-; [os_daemon_settings]
-; max_retries = 3
-; retry_time = 5
-
-
 [uuids]
 ; Known algorithms:
 ;   random - 128 bits of random awesome
@@ -448,13 +433,12 @@ ssl_certificate_max_depth = 3
 ; There are currently two plugins available:
 ;   couch_replicator_auth_session - use _session cookie authentication
 ;   couch_replicator_auth_noop - use basic authentication (previous default)
-; Currently previous default behavior is still the default. To start using
-; session auth, use this as the list of plugins:
-; `couch_replicator_auth_session,couch_replicator_auth_noop`.
-; In a future release the session plugin might be used by default.
+; Currently, the new _session cookie authentication is tried first, before
+; falling back to the old basic authenticaion default:
+;auth_plugins = couch_replicator_auth_session,couch_replicator_auth_noop
+; To restore the old behaviour, use the following value:
 ;auth_plugins = couch_replicator_auth_noop
 
-
 [compaction_daemon]
 ; The delay, in seconds, between each check for which database and view indexes
 ; need to be compacted.