I am probably not understanding something here, but how about you just pass the images that you need when you send the XML from MarkLogic to the XSLT processor, then squirrel away the images on the java side somewhere and tell the pdf-generator where those images are (rather than having it need to fetch them from MarkLogic). Wouldn't that avoid the authentication issue?
-Danny ________________________________________ From: [email protected] [[email protected]] On Behalf Of Lee, David [[email protected]] Sent: Sunday, April 18, 2010 8:06 AM To: General Mark Logic Developer Discussion Subject: RE: [MarkLogic Dev General] RE: PassingauthenticationinformationinaURL > Why do you want to re-login? To utilize permissions on the images? Yes. The theory being I could then count on ML to do authentication for me instead of making it up myself. This is all somewhat pedantic because in this case I don't really need high security for the images, just was hoping for a general solution that could be reused 'next time' when I really want security. I propose to MarkLogic that implementing a security token mechanism in the system would be a good thing. Of course I realize it's a LOT harder to do right then to hack it. Once you open the whole can of worms about passing around pre-authenticated tokens its truely a tough security problem to solve perfectly so I can see why they haven't implemented it (yet). But on the other hand, since it is so hard to do right, it really is something that should be done by the system, not re-invented by every user, who wont do as good a job. -David ---------------------------------------- David A. Lee Senior Principal Software Engineer Epocrates, Inc. [email protected] 812-482-5224 _______________________________________________ General mailing list [email protected] http://xqzone.com/mailman/listinfo/general _______________________________________________ General mailing list [email protected] http://xqzone.com/mailman/listinfo/general
