Loading TOC...

xdmp:gss-server-negotiate

xdmp:gss-server-negotiate(
   $inputToken as xs:string
) as element()

Summary

This function is used for kerberos GSS authentication in application level authentication.

Parameters
$inputToken input token received from the client

Usage Notes

This function passes the input token to gss_accept_sec_context. The result is set in the negotiate status.

The structure of the data returned is as follows:

Example

declare namespace gss="http://marklogic.com/xdmp/status/negotiate";

let $authorization := xdmp:get-request-header("Authorization")
let $result := xdmp:gss-server-negotiate(fn:string($authorization))
return
  if ($result/gss:success eq fn:true()) then
     $result
  else
    (xdmp:set-response-code(401, "Unauthorized"),
     xdmp:add-response-header("WWW-Authenticate", 
         fn:concat("Negotiate ", gss:output-token)))
=>
<negotiate-status>
  <success>true</success>
  <output-token>oRQwEqADCgEAoQsGCSqGSIb3EgECAg==</output-token>
  <user>user1@ML.LOCAL</user>
</negotiate-status>

Stack Overflow iconStack Overflow: Get the most useful answers to questions from the MarkLogic community, or ask your own question.

Comments

The commenting feature on this page is enabled by a third party. Comments posted to this page are publicly visible.