Hi Folks,
I'm looking for ideas for passing in credentials as a means to restrict content access and application feature access, specifically to control whether a user can view or update web forms. I also want to log user access. I am thinking about creating a user object (XML record) that is good for the login session, but that gets back to how I am going to control user access. I could develop a .Net application using XCC or simply HTTP access to MarkLogic, or, I can bypass the rich .Net interface and develop a login page directly via an HTTP interface. I could create user accounts in MarkLogic and to assign them to different roles, or to develop application-level authentication in which I can create a user object that is mapped to content-access roles and to application feature access. I would also like to support session timeouts. The application will likely be behind a proxy server for public access. I'm wondering if there are any sample applications, best practices, and/or recommendations available accordingly. Thanks ahead of time! Tim Meagher
_______________________________________________ General mailing list [email protected] http://developer.marklogic.com/mailman/listinfo/general
