Hi Chris, The blog article is about securing a REST endpoint in a Node.js middle tier. But we explore options to use the JWT in MarkLogic server side code.
Cheers, Andreas 2017-09-18 12:52 GMT+02:00 Chris Day <[email protected]>: > Hi Andreas, > > > > Here is an article that may be of interest in regards to securing REST > endpoints with JWT. > > > > https://developer.marklogic.com/blog/securing-a-rest-api > > > > It may help to give you some ideas to get up and running. > > > > Regards, > Chris Day > > > > *Chris Day - *Sales Engineer > > [email protected] > > *Mobile: *+61 433 370 083 <+61%20433%20370%20083> > > *Phone: *+61 2 8315 1556 <+61%202%208315%201556> > > *Skype: * chrisday-aus > > *Twitter: *@ML_ChrisDay > > *MarkLogic Pty Ltd* > > www.marklogic.com > > What’s new in MarkLogic 9? MLU self-paced course - https://goo.gl/tMWkoq > > <http://www.marklogic.com/social> > > *This e-mail and any accompanying attachments are confidential. The > information is intended solely for the use of the individual to whom it is > addressed. Any review, disclosure, copying, distribution, or use of this > e-mail communication by others is strictly prohibited. If you are not the > intended recipient, please notify us immediately by returning this message > to the sender and delete all copies. Thank you for your cooperation.* > > > > > > *From: *<[email protected]> on behalf of Andreas > Hubmer <[email protected]> > *Reply-To: *MarkLogic Developer Discussion <[email protected]. > com> > *Date: *Monday, 18 September 2017 at 6:53 pm > > *To: *MarkLogic Developer Discussion <[email protected]> > *Subject: *Re: [MarkLogic Dev General] Create temporary user > > > > No, it has to be JWT. As I understand it, they are not compatible. > > > > > > 2017-09-18 10:09 GMT+02:00 Geert Josten <[email protected]>: > > Could SAML authorization be of use to you? http://docs.marklogic. > com/guide/security/external-auth#id_81653 > > > > SAML support was added in MarkLogic 9. > > > > Cheers, > > Geert > > > > *From: *<[email protected]> on behalf of Andreas > Hubmer <[email protected]> > *Reply-To: *MarkLogic Developer Discussion <[email protected]. > com> > *Date: *Monday, September 18, 2017 at 9:07 AM > *To: *MarkLogic Developer Discussion <[email protected]> > *Subject: *Re: [MarkLogic Dev General] Create temporary user > > > > Justin, > > > > I'll answer for my colleague. > > We'd like to use JSON Web Tokens (JWT) and extract the user roles from the > token. > > The users are managed in an external system and similar to the LDAP > connection we want to avoid that every user has to be created/updated in > MarkLogic too. > > > > Amps do not give the same flexibility as a temporary user with an > arbitrary combination of roles. > > > > Thanks, > > Andreas > > > > 2017-09-15 17:50 GMT+02:00 Justin Makeig <[email protected]>: > > Andreas, > Rather than describe your solution, can you explain the problem you’re > trying to solve? Why do you think you need a temporary user? What > permission/privilege challenge are you trying to address? > > You might also take a look at amps <https://docs.marklogic.com/ > guide/admin/security#id_81246>. An amp allows a security administrator to > elevate the privileges of a specific function. This is beneficial in that > the security is defined in configuration, not code. > > Justin > > > -- > Justin Makeig > Senior Director, Product Management > MarkLogic > [email protected] > > > > > > On Sep 15, 2017, at 4:29 AM, Andreas Holzgethan < > [email protected]> wrote: > > > > Hi @all, > > > > I need the possibility to create temporary user for a transaction. > > I just found in the documentation that such a functionality is used when > for example LDAP is configured as an external security. > > > > Could you please explain me how this is done there? > > > > My thirst thought was to create a user with the function > "sec:create-user-with-role". At the end of the transaction I would just > call the function "sec:remove-user". > > Could you please give me feedback about this implementation? > > Is such a implementation a big influence on the performance? > > > > Thanks! > > > > Best regards > > Andreas Holzgethan > > > > Andreas Holzgethan BSc. > > > > IT Consultant > > > > -- > > Andreas Hubmer > > Senior IT Consultant > > > > EBCONT enterprise technologies GmbH > > > > _______________________________________________ > General mailing list > [email protected] > Manage your subscription at: > http://developer.marklogic.com/mailman/listinfo/general > > -- Andreas Hubmer Senior IT Consultant EBCONT enterprise technologies GmbH Millennium Tower Handelskai 94-96 A-1200 Vienna Mobile: +43 664 60651861 Fax: +43 2772 512 69-9 Email: [email protected] Web: http://www.ebcont.com OUR TEAM IS YOUR SUCCESS UID-Nr. ATU68135644 HG St.Pölten - FN 399978 d
_______________________________________________ General mailing list [email protected] Manage your subscription at: http://developer.marklogic.com/mailman/listinfo/general
