Skip to main content

Securing MarkLogic Server

Plan Roles and Privileges

Depending on your security requirements and the structure of your enterprise or organization, plan the roles and privileges that make the most sense.

  1. Determine the level of granularity with which you need to protect objects in the database.

  2. Determine how you want to group privileges together in roles.

  3. Create needed URI and execute privileges.

  4. Create roles.

  5. Create users.

  6. Assign users to roles.

  7. Set default permissions for users, either indirectly through roles or directly through the users.

  8. Protect code with xdmp:security-assert functions, where needed.

  9. Load your documents with the appropriate permissions. If needed, change the permissions of existing documents using the xdmp:document-add-permissions, xdmp:document-set-permissions, and xdmp:document-remove-permissions functions.

  10. Assign access privileges to HTTP, WebDAV, ODBC, and XDBC servers as needed.

In this section: