XQuery xdmp:gss-server-negotiate

xdmp.gssServerNegotiate

xdmp.gssServerNegotiate(
   inputToken as String
) as Object

Summary

This function is used for kerberos GSS authentication in application level authentication.

Parameters
inputToken input token received from the client

Usage Notes

This function passes the input token to gss_accept_sec_context. The result is set in the negotiate status.

The structure of the data returned is as follows:

success

true if gss_accept_sec_context returns GSS_S_COMPLETE.

output-token

The output token from gss_accept_sec_context.

user

The user name if authentication is successful.

Example

const authorization = xdmp.getRequestHeader("Authorization");
 
if (authorization != "") {
  xdmp.gssServerNegotiate(authorization);
} else {
  xdmp.setResponseCode(401, "Unauthorized");
  xdmp.addResponseHeader("WWW-Authenticate", "Negotiate ");
}
=>
{
  "success":true, 
  "outputToken":"oRQwEqADCgEAoQsGCSqGSIb3EgECAg==", 
  "user":"test1@MLTEST1.LOCAL"
}
Powered by MarkLogic Server | Terms of Use | Privacy Policy