I'll point out that in addition to xdmp:get-request-username(), there is also xdmp:get-current-user(), which I believe at run-time looks deep inside the server to see the precise user id that is evaluating the current line of XQuery.
I can imagine scenarios in which I wouldn't be at all surprised by a difference between xdmp:get-request-username() and xdmp:get-current-user() (eg. if xdmp:login() were used to set the user, if xdmp:eval() were passed a user-id parameter in 4.0, etc.). Unfortunately, none of that information helps you with the guarantee you seek, so I think Mike's final advice remains appropriate. In general, there may be differences between what an API does (ie. the way the code is written in the current release), and - because we take guarantees seriously - what it is guaranteed to do (ie. the constraints under which that code is written, along with the expectation that those constraints won't be changed in future releases). Support should be able to help you on both fronts. Sorry that I can't help more constructively. ian > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Michael Blakeley > Sent: Tuesday, September 30, 2008 10:11 AM > To: General Mark Logic Developer Discussion > Subject: Re: [MarkLogic Dev General] RE: mark logic handling > of Authorizationheader > > Mark, > > As I understand it, you are asking for a guarantee of product > behavior that is not specified in existing product > documentation. I could write you a simple test to show that a > server with application-level authentication still processes > the Authorization header for xdmp:get-request-username(), but > I suspect you've already done that. > > So I'd recommend that you contact support: they may be able > to provide you with additional documentation, or file a > request for enhancement. > > -- Mike > > Mark Boyd wrote: > > The stunned silence is very reassuring. Any takers? Any > Mark Logic representatives care to comment? > > > > Thanks. > > > > Mark > > > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Mark > > Boyd > > Sent: Monday, September 29, 2008 11:48 AM > > To: General Mark Logic Developer Discussion > > Subject: [MarkLogic Dev General] mark logic handling of > Authorization > > header > > > > Does anyone know if xdmp:get-request-username() is > guaranteed to always return the username of the Authorization > header for a request even when that Authorization header is > not specific to Mark Logic? For example, when > application-level authentication is configured for an http > app server but Mark Logic is sitting behind apache acting as > a reverse proxy that required basic auth to get to the > applications behind apache I'm letting that header through > and the Mark Logic application is decoding it and returning > the username for the xdmp:get-request-username() call even > though Mark Logic isn't protecting via basic auth. Is that > always guaranteed to work? The 3.2. documentation for that > method does not make it clear from where it gets its > information for the request. > > > > Mark > > ________________________________ > > NOTICE: This email message is for the sole use of the > intended recipient(s) and may contain confidential and > privileged information. Any unauthorized review, use, > disclosure or distribution is prohibited. If you are not the > intended recipient, please contact the sender by reply email > and destroy all copies of the original message. > > > > > ---------------------------------------------------------------------- > > NOTICE: This email message is for the sole use of the > intended recipient(s) and may contain confidential and > privileged information. Any unauthorized review, use, > disclosure or distribution is prohibited. If you are not the > intended recipient, please contact the sender by reply email > and destroy all copies of the original message. > > > > > > > > > ---------------------------------------------------------------------- > > -- > > > > _______________________________________________ > > General mailing list > > [email protected] > > http://xqzone.com/mailman/listinfo/general > > _______________________________________________ > General mailing list > [email protected] > http://xqzone.com/mailman/listinfo/general > _______________________________________________ General mailing list [email protected] http://xqzone.com/mailman/listinfo/general
