Test It Out

Securing MarkLogic Server

When John and Pari perform a read or a node-update against the database, the results are shown in the following table:

Document	Metadata	User with `read` Access	User with `node-update` Access
`/doc1.xml`	feature	John
`/doc2.xml`	price	Pari	Pari
`/doc3.xml`	feature	John
`/doc4.xml`	price	Pari	Pari
`/doc5.xml`	`can-read` and `can-update` permission keys, `group-all`	John, Pari, Mike	John, Pari
`/doc6.xml`	`can-read` and `can-update` permission keys	John, Pari	John, Pari

Mike is not able to read /doc6.xml although he has the can-read role. The access to /doc6.xml is further restricted by the user queries.

In this section:

Securing MarkLogic Server