Jeron,
Why not create a user called "visitor", and make sure all your XCC code
defaults to that login? That's essentially what the application-level
authentication option for HTTP does, after all.
-- Mike
On 2009-09-01 03:27, Jeroen Pulles wrote:
Hi,
I am starting out with Mark Logic Server and want to develop a Java
servlet based web application that accesses Mark Logic via XCC/XDBC.
The application will work with various roles from admin, editor, and
author to anonymous visitor.
As I understand it, on an HTTP-based app-server this would require
setting the authentication to application-level.
I have some trouble understanding the security model on a XDBC
app-server with the XCC connector, however. In contrast to HTTP
servers, the Mark Logic admin page does not have a setting for a
server-wide authentication model. Section 5.2 from the "Understanding
and Using Security" doc specifies that the XDBC connector *always*
uses (digest-basic) authentication.
How can I have anonymous users on my servlet query Mark Logic server via XCC?
When not specifying a user/password I get an "No default user/password
configured" error message. When using a bogus nobody/nobody
user/password combo, I get "Authorization failed for user 'nobody'.".
regards,
Jeroen Pulles
--
The actual code that was used:
Context initCtx = new InitialContext();
Context envCtx = (Context)initCtx.lookup("java:comp/env");
ContentSource cs = (ContentSource)envCtx.lookup("marklogic/ContentSource");
Session xdq_session;
HttpSession session = request.getSession(false);
if (session == null || session.getAttribute("username") == null) {
xdq_session = cs.newSession();
// cs.newSession("nobody", "nobody");
} else {
xdq_session = cs.newSession(
(String)session.getAttribute("username"),
(String)session.getAttribute("password"));
}
RequestOptions options = new RequestOptions();
Request xdq_request = session.newModuleInvoke("/hello.xqy", options);
<Resource name="marklogic/ContentSource" auth="Container"
description="Mark Logic database XDBC connection"
type="com.marklogic.xcc.ContentSource"
factory="com.marklogic.xcc.jndi.ContentSourceBeanFactory"
host="192.168.1.186" port="8021" />
java.lang.IllegalStateException: No default user/password configured
com.marklogic.xcc.impl.ContentSourceImpl.newSession(ContentSourceImpl.java:87)
com.xopus.nuthatch.servlets.NuthatchServlet.newXccSession(NuthatchServlet.java:41)
com.xopus.nuthatch.servlets.HelloWorld.doGet(HelloWorld.java:29)
javax.servlet.http.HttpServlet.service(HttpServlet.java:627)
javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
Anonymous acces to the equivalent http://localhost:8009/hello.xqy on a
HTTP app-server works fine when the app-server uses application-level
authentication.
_______________________________________________
General mailing list
[email protected]
http://xqzone.com/mailman/listinfo/general
_______________________________________________
General mailing list
[email protected]
http://xqzone.com/mailman/listinfo/general
