Skip to main content

Securing MarkLogic Server

Application-Level

Application-level authentication is available on all server types except XDBC.

Application-level authentication bypasses all authentication and automatically logs all users in as a specified default user. You specify the default user in the Admin Interface, and any users accessing the server automatically inherit the security attributes (roles, privileges, default permissions) of the default user.

The default user should have the required privileges to at least read the initial page of the application. In many application scenarios, the user is then given the opportunity to explicitly log in to the rest of the application from that page. How much of the application and what data a user can access before explicitly logging in depends on the application and the roles that the default user holds. For an example of this type of configuration, see Using Custom Login Pages.

Application-level can be used with internal security, LDAP, and SAML as authorization schemes.