[MarkLogic Dev General] Anonymous access with XCC?

Tue, 01 Sep 2009 03:28:07 -0700 

Hi,

I am starting out with Mark Logic Server and want to develop a Java
servlet based web application that accesses Mark Logic via XCC/XDBC.
The application will work with various roles from admin, editor, and
author to anonymous visitor.

As I understand it, on an HTTP-based app-server this would require
setting the authentication to application-level.

I have some trouble understanding the security model on a XDBC
app-server with the XCC connector, however. In contrast to HTTP
servers, the Mark Logic admin page does not have a setting for a
server-wide authentication model. Section 5.2 from the "Understanding
and Using Security" doc specifies that the XDBC connector *always*
uses (digest-basic) authentication.

How can I have anonymous users on my servlet query Mark Logic server via XCC?

When not specifying a user/password I get an "No default user/password
configured" error message. When using a bogus nobody/nobody
user/password combo, I get "Authorization failed for user 'nobody'.".

regards,
Jeroen Pulles

--
The actual code that was used:

Context initCtx = new InitialContext();
Context envCtx = (Context)initCtx.lookup("java:comp/env");
ContentSource cs = (ContentSource)envCtx.lookup("marklogic/ContentSource");
Session xdq_session;
HttpSession session = request.getSession(false);
if (session == null || session.getAttribute("username") == null) {
  xdq_session = cs.newSession();
  // cs.newSession("nobody", "nobody");
} else {
  xdq_session = cs.newSession(
    (String)session.getAttribute("username"),
    (String)session.getAttribute("password"));
}
RequestOptions options = new RequestOptions();
Request xdq_request = session.newModuleInvoke("/hello.xqy", options);


<Resource name="marklogic/ContentSource" auth="Container"
 description="Mark Logic database XDBC connection"
 type="com.marklogic.xcc.ContentSource"
 factory="com.marklogic.xcc.jndi.ContentSourceBeanFactory"
 host="192.168.1.186" port="8021" />

java.lang.IllegalStateException: No default user/password configured
        
com.marklogic.xcc.impl.ContentSourceImpl.newSession(ContentSourceImpl.java:87)
        
com.xopus.nuthatch.servlets.NuthatchServlet.newXccSession(NuthatchServlet.java:41)
        com.xopus.nuthatch.servlets.HelloWorld.doGet(HelloWorld.java:29)
        javax.servlet.http.HttpServlet.service(HttpServlet.java:627)
        javax.servlet.http.HttpServlet.service(HttpServlet.java:729)

Anonymous acces to the equivalent http://localhost:8009/hello.xqy on a
HTTP app-server works fine when the app-server uses application-level
authentication.
_______________________________________________
General mailing list
[email protected]
http://xqzone.com/mailman/listinfo/general

Reply via email to