Skip to main content

Securing MarkLogic Server

Digest-Basic

Digest-basic authentication is available on all server types.

Digest-basic uses the more secure digest scheme whenever possible, but it reverts to basic authentication when needed. Some older browsers, for example, do not support digest authentication. Digest-basic is also useful if you previously used basic authentication but want to migrate to digest. The first time a user accesses the server after changing from basic to digest-basic, the server computes the digest password by extracting the relevant information from the credentials supplied in basic.

Digest-basic can be used with internal security, LDAP, and SAML as authorization schemes.

Note

Since the browser does not provide a way to clear a user’s authentication information in basic, basic-digest, or digest, the user remains logged in until the browser is shut down. In addition, there is no way to create a custom login page using these schemes. For certain deployments, application-level authentication may be more appropriate.