Hi Danny, The easiest way out is to put a proxying tier in front that passes through only part or the API. You can do that relatively easily with for instance NodeJs. The REST-api is not really designed for public facing access..
Cheers, Geert From: Danny Sinang <[email protected]<mailto:[email protected]>> Reply-To: MarkLogic Developer Discussion <[email protected]<mailto:[email protected]>> Date: Saturday, March 28, 2015 at 2:55 PM To: general <[email protected]<mailto:[email protected]>> Subject: [MarkLogic Dev General] REST API allows for downloading of code ML apparently allows downloading of code for REST API resource extensions as documented in https://docs.marklogic.com/guide/rest-dev/extensions#id_20662 . For security purposes, is there a way to control which user can execute these REST API resource extensions and who can download their corresponding code ? Regards, Danny
_______________________________________________ General mailing list [email protected] Manage your subscription at: http://developer.marklogic.com/mailman/listinfo/general
