Mark,
As I understand it, you are asking for a guarantee of product behavior
that is not specified in existing product documentation. I could write
you a simple test to show that a server with application-level
authentication still processes the Authorization header for
xdmp:get-request-username(), but I suspect you've already done that.
So I'd recommend that you contact support: they may be able to provide
you with additional documentation, or file a request for enhancement.
-- Mike
Mark Boyd wrote:
The stunned silence is very reassuring. Any takers? Any Mark Logic
representatives care to comment?
Thanks.
Mark
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Mark Boyd
Sent: Monday, September 29, 2008 11:48 AM
To: General Mark Logic Developer Discussion
Subject: [MarkLogic Dev General] mark logic handling of Authorization header
Does anyone know if xdmp:get-request-username() is guaranteed to always return
the username of the Authorization header for a request even when that
Authorization header is not specific to Mark Logic? For example, when
application-level authentication is configured for an http app server but Mark
Logic is sitting behind apache acting as a reverse proxy that required basic
auth to get to the applications behind apache I'm letting that header through
and the Mark Logic application is decoding it and returning the username for
the xdmp:get-request-username() call even though Mark Logic isn't protecting
via basic auth. Is that always guaranteed to work? The 3.2. documentation for
that method does not make it clear from where it gets its information for the
request.
Mark
________________________________
NOTICE: This email message is for the sole use of the intended recipient(s) and
may contain confidential and privileged information. Any unauthorized review,
use, disclosure or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply email and destroy all copies of
the original message.
----------------------------------------------------------------------
NOTICE: This email message is for the sole use of the intended recipient(s) and
may contain confidential and privileged information. Any unauthorized review,
use, disclosure or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply email and destroy all copies of
the original message.
------------------------------------------------------------------------
_______________________________________________
General mailing list
[email protected]
http://xqzone.com/mailman/listinfo/general
_______________________________________________
General mailing list
[email protected]
http://xqzone.com/mailman/listinfo/general
