Limiting Access to a Subset of Users
This application access control method can be modified or extended to meet the requirements in many application scenarios. It uses more of the available security features and therefore requires a better understanding of the security model.
To limit application access to a subset of the users in the security database, perform the following steps using the Admin Interface:
1. Create an execute privilege named exe-priv-app1 to represent the privilege to access the app server.
2. Create a role named role-app1 that has the exe-priv-app1 execute privilege.
3. Add role-app1 to the roles of all users in the security database who should have access to this app server.
4. In the Configuration page for this app server, scroll down to the authentication field and select digest, basic or digest-basic. If you want to use application-level authentication to achieve the same objective, a custom login page is required. See the next section for details.
5. Select exe-priv-app1 for the privilege field. Once this is done, only the users who have the exe-priv-app1 by virtue of their role(s) are able to access this app server.
Note: If you want any user in the security database to be able to access the application, leave the privilege field blank.
At this point, the application access control is configured.
This method of authentication also needs to be accompanied by the appropriate security configuration for both users and documents associated with this app server. For example, functions such as xdmp:document-insert and xdmp:document-load throw exceptions unless the user possesses the appropriate execute privileges. Also, users must have the appropriate default permissions (or specify the appropriate permissions with the API) when creating new documents in a database. Documents created by a user who does not have the admin role must be created with at least one update permission or else the transaction throws an XDMP-MUSTHAVEUPDATE exception. The update permission is required because otherwise once the documents are created no user (except users with the admin role) would be able to access them, including the user who created them.
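The following is an added example, not part of the original documentation. It shows one way to specify permissions with the API when inserting a document, and then checks that an update permission was stored. It assumes that role-app1 exists, that the calling user holds the execute privileges xdmp:document-insert requires, and that the URI and document content (both constructed) are acceptable in the target database.

```xquery
xquery version "1.0-ml";
(: Added example. Assumptions: role-app1 exists (created in the steps
   above); the URI and document content are constructed; the caller
   holds the execute privileges that xdmp:document-insert requires. :)
xdmp:document-insert(
  "/app1/example.xml",
  <note>constructed sample document</note>,
  (
    (: keep the caller's default permissions, if any :)
    xdmp:default-permissions(),
    (: explicit permissions so members of role-app1 can read and update
       the document; the update permission is what prevents
       XDMP-MUSTHAVEUPDATE for a user without the admin role :)
    xdmp:permission("role-app1", "read"),
    xdmp:permission("role-app1", "update")
  )
);

xquery version "1.0-ml";
declare namespace sec = "http://marklogic.com/xdmp/security";
(: Separate statement, so it is evaluated in its own transaction
   after the insert has committed. :)
let $uri := "/app1/example.xml"
let $perms := xdmp:document-get-permissions($uri)
let $capabilities :=
  fn:distinct-values(for $c in $perms/sec:capability return fn:string($c))
return
  if ($capabilities = "update")
  then fn:concat($uri, " capabilities: ", fn:string-join($capabilities, ", "))
  else fn:error((), "APP1-NOUPDATE", $uri)  (: constructed error code :)
```

Run it as a user who has role-app1 but not the admin role to confirm that the document remains readable and updatable by that user after creation.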