So does this mean all restxq code always runs as admin and can do anything? On 12 Jan 2015 17:37, "Christian Grün" <christian.gr...@gmail.com> wrote:
> Hi Andy, > > With BaseX 8.0, no authentication is required anymore when using > RESTXQ, because all code to be executed is defined server-side. This > continues to be different with REST and WebDAV. > > Hope this helps? > Christian > > > On Mon, Jan 12, 2015 at 6:09 PM, Andy Bunce <bunce.a...@gmail.com> wrote: > > Hi, > > Just investigating user handling, I am using the latest snapsnap. > > > > I start basexhttp with -U guest -P guest > > and/or I set org.basex.user and org.basex.password in web.xml > > > > Sometimes I have created a user ( guest with password guest) and > permission > > none via dba. Sometimes I have deleted the guest user. > > > > In all cases I appear to be able to run restxq queries and in those > queries > > read from databases. > > > > Am I misunderstanding something here? > > > > /Andy > > > > > > > > > > > > > > >