Creating a MarkLogic Server User with an Internal Name
To configure certificate-based user authentication for user, demoUser1
, as a MarkLogic Server internal user, follow these steps in the Admin Interface:
Click Security in the left tree menu.
Under Security, click Users.
Click the Create tab. The User Configuration page appears.
In the User Name field, enter the user name as it appears in the
CN
value of the certificateSubject
field (demoUser1
in the example shown in User Certificate Example)Enter and confirm a password.
Click OK.
Next, change the app server configuration. At the top of the left tree menu, click Server.
Under the Summary tab, and the App Servers heading, click the name of the app server.
On the Configure tab, set the Authentication field to Certificate.
Set Internal Security to true.
If you do not wish to have the user authenticated as an external user, be sure that External Securities are set to None,
Scroll down to the bottom of the page and in the Ssl Client Certificate Authorities section, click Show.
Select the certificate authority created in CA Certificate (User Cert Signer) Import from Admin Interface to sign the client/user certificate.
Click OK.
Once configured, demoUser1
is now able to access the app server with a browser that has the user certificate installed, as described in Certificate Template & Template CA Import into Client (Browser/SSL Client).
Note
You will also need to assign the necessary roles to demoUser1
to access the needed MarkLogic Server resources.