Re: [basex-talk] Create Options are deleted from .basex config file

2017-06-05 Thread Marc Coenegracht 

Apparently that was the mistake.
Thank you!

Marc


On Mon, 5 Jun 2017, Christian Grün wrote:


Did you differentiate between global and local options [1]?

Cheers,
Christian

[1] http://docs.basex.org/wiki/Options


Am 05.06.2017 5:39 nachm. schrieb :
  Options manually added to the .basex config file are deleted by BaseX.

  For example, these Create Options all get deleted from the .basex file
  after running a standalone basex script:

  ADDARCHIVES = true
  CREATEFILTER = *.anx
  STRIPNS = true
  INTPARSE = true
  LANGUAGE = Dutch (also tried 'nl')


  Basex 8.5.3 on Linux


  Regards,
  Marc

Re: [basex-talk] Create Options are deleted from .basex config file

2017-06-05 Thread Christian Grün 
Did you differentiate between global and local options [1]?

Cheers,
Christian

[1] http://docs.basex.org/wiki/Options


Am 05.06.2017 5:39 nachm. schrieb :

Options manually added to the .basex config file are deleted by BaseX.

For example, these Create Options all get deleted from the .basex file
after running a standalone basex script:

ADDARCHIVES = true
CREATEFILTER = *.anx
STRIPNS = true
INTPARSE = true
LANGUAGE = Dutch (also tried 'nl')


Basex 8.5.3 on Linux


Regards,
Marc

[basex-talk] Create Options are deleted from .basex config file

2017-06-05 Thread marc 

Options manually added to the .basex config file are deleted by BaseX.

For example, these Create Options all get deleted from the .basex file 
after running a standalone basex script:


ADDARCHIVES = true
CREATEFILTER = *.anx
STRIPNS = true
INTPARSE = true
LANGUAGE = Dutch (also tried 'nl')


Basex 8.5.3 on Linux


Regards,
Marc

Re: [basex-talk] BaseX - questions about few issues

2017-06-05 Thread Christian Grün 
Dear Radim,

Welcome to the list.

> 1) BaseX GUI is automatically opened with administration permissions without
> any login request. Can it be fixed?

As the GUI has been designed for local standalone usage, no user can
be specified. If you plan to use BaseX in a distributed environment,
the DBA web interface may be the better choice.


> 2) Once user is created in a database, he or she has the same rights in all
> databases. Can it be fixed so the user has particular permisssion per
> database?

That’s possible. By default, new users have no permissions, and you
can assign user names and patterns to databases [1].

> 3) Or better, would it be posssible to set user permission per collection
> (like in Sedna or MonoDB)?

In BaseX, user permissions are always defined for databases.

> 4) I can see the users are stored in users.xml file, including with their
> permission and hashed password. It is a security issue for us because the
> digest hash can be decrypted in few seconds. Is it possible to obscure that
> sensitive information, or to not store it in the file?

How would you proceed to decode it that quickly? – The digest hash is
only required for HTTP digest authentication; feel free to remove it
from the users.xml file.


> 5) All queries are stored in logs. Queries for user creation or password
> change are stored in plain text there. Is there a way to obscure that
> sensitive information?

Passwords won’t be stored in the logs, so you’ll be safe.


> 6) It only is possible to create BaseX users. Is Active Directory account
> support in road-map, especially support for AD groups? It would be much
> appreciated.

Not yet. Sorry, I cannot give you any timeline, because it currently
has no high priority for us.


> 7) BaseX supports http protocol. Is it possible to make it work with https
> protocol as well?

Absolutely.

Hope this helps,
Christian

[1] http://docs.basex.org/wiki/User_Management

[basex-talk] BaseX - questions about few issues

2017-06-05 Thread radim-havlicek 
Hello,



we would like to build our database application on BaseX in our company. 
However, we would need to solve following issues we encountered with.




1) BaseX GUI is automatically opened with administration permissions without
any login request. Can it be fixed?

2) Once user is created in a database, he or she has the same rights in all
databases. Can it be fixed so the user has particular permisssion per
database?

3) Or better, would it be posssible to set user permission per collection 
(like in Sedna or MonoDB)?

4) I can see the users are stored in users.xml file, including with their 
permission and hashed password. It is a security issue for us because the 
digest hash can be decrypted in few seconds. Is it possible to obscure that
sensitive information, or to not store it in the file?

5) All queries are stored in logs. Queries for user creation or password 
change are stored in plain text there. Is there a way to obscure that 
sensitive information?

6) It only is possible to create BaseX users. Is Active Directory account 
support in road-map, especially support for AD groups? It would be much
appreciated.

7) BaseX supports http protocol. Is it possible to make it work with https
protocol as well?




If there is an answer "no" on some of those questions above, is correction
of those issuees in road-map?




Thank you for your answers in advance.

Best regards,





Radim Havlicek

Test Engineer III

 Honeywell International s.r.o.