Skip to main content

Securing MarkLogic Server

Privileges to Administer a Specific Resource

A privilege of this category grants a user an ability to administer a specific resource (for example, a database with the specified identifier). This privilege is granted by suffixing the administrator privilege for that kind of resource (for example, "database") with the specific identifier (for example, database-ID ), which results in the specific privilege (for example, http://marklogic.com/xdmp/privileges/admin/database/database-ID). This privilege may imply the privilege to read and write a portion of a configuration file. It also grants the ability to call various built-in functions for specific resources (for example, http://marklogic.com/xdmp/privileges/xdmp-forest-clear/forest/forest-ID privilege allows calls to xdmp:forest-clear() for that forest identifier).

The following privileges belong to this category:

http://marklogic.com/xdmp/privileges/admin/database/database-ID

http://marklogic.com/xdmp/privileges/admin/forest/forest-ID

http://marklogic.com/xdmp/privileges/admin/host/host-ID

http://marklogic.com/xdmp/privileges/admin/app-server/server-ID

http://marklogic.com/xdmp/privileges/admin/app-server-security/server-ID

http://marklogic.com/xdmp/privileges/admin/group/group-ID

http://marklogic.com/xdmp/privileges/admin/group-security/group-ID

http://marklogic.com/xdmp/privileges/admin/cluster/cluster-ID