Hi Anirudh, Depends on how the website handles the authentication. It usually involves creating a session with a session id. If you can add that as a simple request param to the url to the MarkLogic Server, you could have the rewrite.xqy do some verification of the session id through some web service of the site that passes user information as a response if it validates. If so, and the user info tells MarkLogic that the MarkLogic app can be shown, proceed normally, otherwise show a login page or perhaps some fixed message that the user is not authorized..
Others may come up with other possible scenarios, but this seems feasible to me.. Kind regards, Geert Van: [email protected] [mailto:[email protected]] Namens anirudh chappidi Verzonden: woensdag 20 april 2011 18:25 Aan: General MarkLogic Developer Discussion Onderwerp: Re: [MarkLogic Dev General] Regarding Application builder The start of the website has an authentication. I thought the page which is generated using application builder can't use it. How can I reuse the credentials? On Wed, Apr 20, 2011 at 9:47 PM, Geert Josten <[email protected]<mailto:[email protected]>> wrote: Hi Anirudh, It would involve creating some login.xqy that does what you describe, and patching the rewrite.xqy to add a redirect for login uris. Not sure though, what happens when you redeploy the app from the app builder. It could overwrite your patched rewrite.xqy. You could make copy, and patch the copy, but you would need to change the redirect setting in the Admin interface of the HTTP app server created by the app builder. You might need to recheck the rewrite setting after a redeploy.. It sounds like the other webpage doesn’t authenticate, otherwise you could reuse credentials and skip a login page in MarkLogic Server.. Kind regards, Geert Van: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] Namens anirudh chappidi Verzonden: woensdag 20 april 2011 9:20 Aan: General MarkLogic Developer Discussion Onderwerp: Re: [MarkLogic Dev General] Regarding Application builder Other webpages are not build with MarkLogic Server. Users and roles are already assigned to limit what a particular user can see/edit. Instead of authenticating the user against MarkLogic Database, I want to authenticate it against an external database. I want to authenticate first and take the user to his assigned view. For this to happen, I am thinking to select a particular way. It is to keep authentication to application level. Point the application builder to a custom log in page. Authenticate against an external/other database using MLSQL. After successful authentication directing it to page depending upon the user role. Can you please let me know whether this can happen? On Wed, Apr 20, 2011 at 11:21 AM, Geert Josten <[email protected]<mailto:[email protected]>> wrote: Hi Anirudh, You can use the MarkLogic Server Admin interface (usually at http port 8001) to change authentication to application-level. You can select nobody as user if it is only a read-only webpage. If it allows updating of some kind, you will need a different user (I recommend against using admin). But application-level authentication in combination with a non-nobody user is an inherent security risk if you can access the webpage from outside directly (even if it is part of another website). It would be better to leave the authentication in place and have the framework of the other webpage proxy the contents of MarkLogic Server and do the authentication for that on the background. I assume the other webpage is not build with MarkLogic Server? Kind regards, Geert Van: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] Namens anirudh chappidi Verzonden: woensdag 20 april 2011 5:48 Aan: General MarkLogic Developer Discussion Onderwerp: Re: [MarkLogic Dev General] Regarding Application builder I am planning to use a webpage which is developed from application builder as a part of another website. Is there a way that I can enter the webpage (generated using application builder )without any prompt for authentication? I am supposed to authenticate when I first log in to the website and not while I enter the page which is developed using application builder. Please let me know that such thing can be done. On Wed, Apr 20, 2011 at 12:28 AM, Geert Josten <[email protected]<mailto:[email protected]>> wrote: Hi Anirudh, MarkLogic Server doesn’t have any dedicated back-end connectors for connecting different databases, but it is often not too difficult to disclose them using HTTP, or write a small webapp in Java or .Net and connect that using HTTP. You could take a look at MLSQL (http://developer.marklogic.com/code/mlsql) which does exactly that. Making HTTP requests to other databases involves overhead and latency, though. It could be worthwhile to do it the other way around and have an authenticating proxy webapp (written in Java or so) in front of MarkLogic Server. That is not uncommon.. Kind regards, Geert Van: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] Namens anirudh chappidi Verzonden: dinsdag 19 april 2011 20:44 Aan: General MarkLogic Developer Discussion Onderwerp: Re: [MarkLogic Dev General] Regarding Application builder It is a different database(not mark logic). On Tue, Apr 19, 2011 at 11:57 PM, Geert Josten <[email protected]<mailto:[email protected]>> wrote: Hi Anirudh, Can you elaborate what you mean with ‘remote database’? Is it a just a different database within a MarkLogic Server cluster, or an entirely different database, or perhaps something like LDAP? Kind regards, Geert Van: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] Namens anirudh chappidi Verzonden: dinsdag 19 april 2011 20:12 Aan: [email protected]<mailto:[email protected]> Onderwerp: Re: [MarkLogic Dev General] Regarding Application builder I am using Marklogic(4.2). I created a website using application builder. I have an remote database with user details. I want to log in the website which I have created through application builder with the user details available in remote database. Please let me know if there is such an option. Anirudh WebRep Overall rating Fout! Bestandsnaam niet opgegeven.Fout! Bestandsnaam niet opgegeven.Fout! Bestandsnaam niet opgegeven.Fout! Bestandsnaam niet opgegeven.Fout! Bestandsnaam niet opgegeven. Fout! Bestandsnaam niet opgegeven.Fout! Bestandsnaam niet opgegeven.Fout! Bestandsnaam niet opgegeven.Fout! Bestandsnaam niet opgegeven.Fout! Bestandsnaam niet opgegeven. _______________________________________________ General mailing list [email protected]<mailto:[email protected]> http://developer.marklogic.com/mailman/listinfo/general WebRep Fout! Bestandsnaam niet opgegeven. Overall rating Fout! Bestandsnaam niet opgegeven. Fout! Bestandsnaam niet opgegeven. _______________________________________________ General mailing list [email protected]<mailto:[email protected]> http://developer.marklogic.com/mailman/listinfo/general _______________________________________________ General mailing list [email protected]<mailto:[email protected]> http://developer.marklogic.com/mailman/listinfo/general -- Anirudh _______________________________________________ General mailing list [email protected]<mailto:[email protected]> http://developer.marklogic.com/mailman/listinfo/general -- My Life is filled with terrible misfortune, most of which never happened.... WebRep [chrome://wrc/skin/png/line-dark-horizontal.png] Overall rating [chrome://wrc/skin/png/line-dark-horizontal.png] [chrome://wrc/skin/png/line-dark-horizontal.png]
_______________________________________________ General mailing list [email protected] http://developer.marklogic.com/mailman/listinfo/general
