sec.createExternalSecurity( external-security-name as String, description as String, authentication as String, cache-timeout as Number, authorization as String, ldap-server as (sec.ldapServer)?, saml-server as (sec.samlServer)? ) as (Number|String)
This function creates an external authentication configuration object and returns the id of the configuration. This configuration is used when MarkLogic Server is used with an external Kerberos and/or LDAP server to control user access.
For more information on external security, see External Security in the Security Guide.
Parameters | |
---|---|
external-security-name | The name of external authentication configuration. |
description | The description of external authentication configuration. |
authentication |
The authentication protocol. This can be either
ldap , saml ,
kerberos , or certificate .
If authentication is |
cache-timeout | Login cache timeout, in seconds. |
authorization |
The authorization scheme. Set to ldap for external authorization
using an LDAP server, internal to authorize using MarkLogic Server,
or saml for SAML authorization.
|
ldap-server | The LDAP server configuration created by the sec:ldap-server function. |
saml-server | The SAML server configuration created by the sec:saml-server function. |
// Execute this against the security database. declareUpdate(); const sec = require('/MarkLogic/security'); const ldapConfig = sec.ldapServer( 'ldap://dc1.mltest1.local:389', 'CN=Users,DC=MLTEST1,DC=LOCAL', 'sAMAccountName', 'cn=User1,cn=Users,dc=MLTEST1,dc=local', 'password1', 'simple'); sec.createExternalSecurity( 'ldapConfig', 'config for ldap', 'ldap', 300, 'ldap', ldapConfig, null); // Creates an external authorization configuration object, named 'ldapConfig', // that uses the 'simple' bind method for an LDAP server.